[jcifs] The Push to Disable SMB1

Vella, Shon svella at idauto.net
Tue Jul 11 14:43:24 UTC 2017


Yes, there are patches for all the known vulnerabilities, and that's
what we are telling our customers. But Microsoft has been pushing
customers to turn off SMBv1 for at least a year now, primarily because
they just don't want to support it anymore, and the WannaCry and Petya
outbreaks give them more fuel for their campaign, even though the
vulnerability was in their implementation, not the protocol itself.

Shon Vella
Identity Automation
Staff Engineer

On Mon, Jul 10, 2017 at 8:15 PM, Michael B Allen <ioplex at gmail.com> wrote:
> On Thu, Jun 8, 2017 at 10:58 AM, Vella, Shon via jCIFS
> <jcifs at lists.samba.org> wrote:
>> Thanks for this update, Moritz. We've been scrambling to find or
>> create an alternate solution ever since the WannaCry outbreak and the
>> redoubled push by MS to have everyone turn off SMB1, and this sounds
> I'm not sure I understand the push to disable SMB1. My understanding
> is that the SMB1 vulnerability was just a buffer overrun in the
> TREE_CONNECT_ANDX response which seems to be should have been a simple
> fix.
> I have to wonder if this is one of those cases were they kinda know
> how to fix something but they don't because it's more profitable to
> play along with public perception that SMB1 is so old you'll turn to
> stone if you so much as look at it. Like it's an old Pontiac with a
> hole in the exhaust.
> Has MS not patched this? Otherwise installing an update is probably
> easier than disabling SMB1.
> Mike
> --
> Michael B Allen
> Java Active Directory Integration
> http://www.ioplex.com/

More information about the jCIFS mailing list