[jcifs] The Push to Disable SMB1

Michael B Allen ioplex at gmail.com
Tue Jul 11 02:15:28 UTC 2017

On Thu, Jun 8, 2017 at 10:58 AM, Vella, Shon via jCIFS
<jcifs at lists.samba.org> wrote:
> Thanks for this update, Moritz. We've been scrambling to find or
> create an alternate solution ever since the WannaCry outbreak and the
> redoubled push by MS to have everyone turn off SMB1, and this sounds

I'm not sure I understand the push to disable SMB1. My understanding
is that the SMB1 vulnerability was just a buffer overrun in the
TREE_CONNECT_ANDX response which seems to be should have been a simple

I have to wonder if this is one of those cases were they kinda know
how to fix something but they don't because it's more profitable to
play along with public perception that SMB1 is so old you'll turn to
stone if you so much as look at it. Like it's an old Pontiac with a
hole in the exhaust.

Has MS not patched this? Otherwise installing an update is probably
easier than disabling SMB1.


Michael B Allen
Java Active Directory Integration

More information about the jCIFS mailing list