How to Protect Your Computer From the SMB and SMBv1 Vulnerability

Learn why you need to disable these legacy programs

Operating systems are perpetual works in progress, and sometimes older versions of programs are left in place to ensure older and newer computers can talk to each other. However, that isn't without risk, and some programs, like Server Message Block (SMB) need to have their older versions shut off because they open the door for SMB and SMBv1 vulnerabilities. Here's what you need to know.

What Is Server Message Block (SMB)?

Server Message Block (SMB) is a protocol Windows servers use to communicate with clients. Whenever you log into a website that uses Windows server software or send something to a printer your computer isn't directly connected to, you're probably using a version of the SMB protocol. It allows people and devices to share files and data. There are currently three versions: SMB, SMBv1, SMBv2, and SMBv3. Versions 2 and 3 are the most current.

Why Should I Disable SMB and SMBv1?

The problem, of course, is not every file is something you want. SMBv1, for example, had a vulnerability, quickly patched, that would have allowed a hacker to take complete control of a system remotely. Furthermore, except in very specific cases involving very old computer systems, they're no longer needed to interact with printers and computers. 

While there are no current outstanding liabilities for SMB and SMBv1, Microsoft has stopped supporting them, which means they're not actively looking for problems or automatically sending out patches, so they should be disabled for safety.

What are SMB Direct and SMB Multichannel?

Depending on your computer, you may see another program called SMB Direct or SMB Multichannel. SMB Direct and SMB Multichannel are current programs used by Windows Server to work with certain types of network adapters, and should be left alone unless a server technician or similar expert asks you to shut them off.

Should I Disable SMBv2 or SMBv3?

While it is possible to disable SMBv2 and v3, this is generally only done as a troubleshooting measure by server technicians looking to diagnose a problem on the network. Disabling them, even temporarily, will slow down your internet connection and likely cause problems elsewhere, so if you see them in your travels, leave them alone.

What If My Printer Stops Working?

In some cases, very old devices such as printers will stop working when SMB or SMBv1 is disabled. This is extremely rare, as most of these devices have gone out of service, but it is a possibility. 

If you absolutely need this device and can't replace it, check with the manufacturer and see if they've written a driver that will work with more recent versions of SMB. If you can connect the device physically to your computer, instead of over a network, that will also be an option. If that's not available, your best option is to only enable SMB when you need to use it, and leave it disabled otherwise.  

How to Disable SMB and SMBv1

If you suspect that SMB and SMBv1 are causing issues, you can disable those protocols using these steps.

  1. Go to Settings > Control Panel > Programs > Turn Windows Programs On or Off.

    A Windows 10 Control Panel
  2. Scroll down until you find SMB 1.0/CIFS File Sharing Support. If it's checked off, uncheck it.

    A Windows Programs Menu Window
  3. Once SMB is turned off, restart your computer.