This article is more than 1 year old

Have to use SMB 1.0? Windows 10 April 2018 Update says NO

Microsoft: For goodness' sake, cover yourselves up. Nobody wants to see that

The Windows 10 April 2018 Update has been out for over a month now, and the rumbling of user dissatisfaction continues. This time it's networking problems for users still clinging to the venerable SMB1 protocol.

Users have taken to support forums, including Microsoft's own, complaining that the latest version of Windows 10 is taking a hard line against the use of the elderly networking protocol; not just disabling SMB1, but going so far as to block it even when customers attempt to switch it back on.

Some users have pointed a finger at Windows 10's built-in antivirus tools and reported success with a workaround that involves disabling Windows Defender and replacing it with something like Avast, though that approach can bring problems of its own.

Microsoft's Ned Pyle, author of a Microsoft TechNet post urging the dumping of SMB1, told El Reg:

I suspect they are referring to a problem where they have SMB1 client installed but running applications off a remote SMB1 share, while using antivirus that interrogates processes creating on remote paths through a minifilter driver. It’s not a general inability to connect or access files, I believe.

This would make sense given the workarounds users have come up with, and Pyle reckoned that a fix could appear in June's cumulative update. Users therefore don't have much longer to wait before they can once more connect to their own servers using the outdated networking protocol.

Microsoft has since updated a couple of Knowledge Base articles on the subject, KB4103721 and KB4100403. Both warn of a problem running programs from a shared folder via SMB1 and, yes, both suggest the workaround until a fix is available is to, er, STOP USING SMB1.

Microsoft emitted a patch in 2016 to deal with a remote code execution vulnerability in the 30-year-old protocol, just as the Shadow Brokers released a swath of NSA hacking tools that sliced through SMB1 like a laser cutter through butter. Redmond also began a concerted effort to persuade people to move onto something a little more modern and secure.


Latest Windows 10 Insider build pulls the trigger on crappy SMB1


Redmond upped the ante with the Fall Creators Update of Windows 10 (aka 1709) last year, which removed the protocol from the client operating system by default on fresh installations. Users upgrading their Home and Professional versions of Windows 10 would have the protocol quietly uninstalled if they didn't use it in 15 days.

However, holdouts for what Pyle referred to as "the West Coast hippy lifestyle," or connecting to services that require SMB1 (Microsoft’s end-of-lifed Windows Server 2003, for example,) could still switch the protocol back on if needed.

While Microsoft is to be applauded for trying to get customers to move on from the venerable (and vulnerable) SMB1, if users want to do the security equivalent of running naked down the street while singing a variety of ribald rugby songs, they should be allowed to do so unless told clearly that this sort of thing just isn't going to be tolerated any more.

On a positive note, while being massively inconvenient for some customers, and another indication that 1803 suffered somewhat in the quality department, the bug has had the effect of forcing users who can move on from SMB1 to do so. Other customers who are not so lucky will be taking a long, hard look at their options, because time is running short for SMB1. ®

More about


Send us news

Other stories you might like