Microsoft Gets Ready to Disable SMB1 Protocol on Windows 11

Microsoft announced yesterday that it’s taken a new step towards the deprecation of the SMB1 file-sharing protocol on Windows PCs. The company has now disabled the protocol by default on the latest Windows 11 Home Insider builds coming from the Dev Channel. 

If the protocol will soon no longer be enabled by default on Windows 11 Home, IT admins will still be able to reinstall it manually. The Windows 11 Home change also won’t affect in-place upgrades on PC where the protocol was already being used.

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Microsoft decided years ago to stop installing SMB1 by default on Windows 10 and Windows Server. SMB1 is a decades-old protocol that’s still being used to connect PCs to old NAS devices, but Microsoft is now planning to drop SMB1 support on Windows for good.

“There is no edition of Windows 11 Insider that has any part of SMB1 enabled by default anymore. At the next major release of Windows 11, that will be the default behavior as well,” explained Ned Pyle, Principal Program Manager in the Windows Server engineering group.

Ultimately, Microsoft plans to go even further and remove SMB1 binaries on its operating systems. “Windows and Windows Server will no longer include the drivers and DLLs of SMB1. We will provide an out-of-band unsupported install package for organizations or users that still need SMB1 to connect to old factory machinery, medical gear, consumer NAS, etc.,” Pyle explained. 

Tagged with

Share post

Please check our Community Guidelines before commenting

Conversation 17 comments

  • ronv42

    Premium Member
    20 April, 2022 - 8:21 am

    <p>This is great news from a security point of view. But the down side is that there are sill older routers and NAS devices hosting storage that this will break along with many multi function printers that scan to NAS storage.</p>

    • mikegalos

      20 April, 2022 - 3:36 pm

      <p>Which means those older devices are also not secure and likely have other security issues that should make them candidates for replacement. In the rare cases where a critical device has no secure replacement available then this is good warning that the device should be isolated at a minimum.</p><p><br></p><p>Security doesn’t mean "secure as long as we don’t have to replace anything".</p>

  • Bart

    Premium Member
    20 April, 2022 - 8:37 am

    <p>I am out of my depth here. </p><p><br></p><p>Does this have any implications for accessing a Synology NAS (running the latest software) for example?</p>

  • Ruvger

    Premium Member
    20 April, 2022 - 9:02 am

    <p>This is great news. Microsoft needs to be more aggressive with this stuff. They are doing the right thing. </p>

  • crunchyfrog

    20 April, 2022 - 9:07 am

    <p>There’s no good reason to keep supporting this flawed protocol. I understand this will cause issue with users with old hardware and software but it’s time to move on and upgrade these to newer versions.</p>

    • fishnet37222

      Premium Member
      20 April, 2022 - 11:26 am

      <p>As stated, they will provide an out-of-band unsupported package to install the functionality if it’s still needed.</p>

  • dan1986ist

    Premium Member
    20 April, 2022 - 9:56 am

    <p>in my opinion, it’ll be a lot easier for those us who are home cusomers to move away from using SMB1, assuming anyone reading this still using it, than it’ll be for those using equipment in specialized industries.</p>

    • mikegalos

      21 April, 2022 - 9:42 pm

      <p>Precisely. The remaining usage being supported will likely be things like process control systems in factories that need a very long lifespan but are never exposed to outside networks.</p><p><br></p>

  • dftf

    20 April, 2022 - 1:15 pm

    <p>Good news!</p><p><br></p><p>However… don’t they still ship with TLS 1.0 and TLS 1.1 enabled by-default? Anything below TLS 1.2 should really be getting dropped now…</p><p><br></p><p>Also, by-default for a LAN or WLAN adaptor, "Client for Microsoft Networks", "File and Printer Sharing for Microsoft Networks", "QoS Packet Scheduler", and a few-other services or protocols are all enabled by-default. Yet for a typical home-computer, that connects directly to a router and isn’t part of a home-network, the only item you need enabled is "TCP/IPv4" and, if your ISP and router both support it, "TCP/IPv6" also. Everything-else can safely be left turned-off though.</p>

  • proftheory

    Premium Member
    20 April, 2022 - 4:18 pm

    <p>I thought it was already disabled in Windows 10. Many older routers that allow you to plug in a USB drive for network storeage use SMB1. The routers are unlikely to change that since they use OLD linux kernels. That was one of the reasons I upgraded to a Synology NAS in 2020. Thank you PUA $$$.</p>

  • chrishilton1

    Premium Member
    21 April, 2022 - 1:49 am

    <p>SMB1 is the primary reason for ransomware propagation, check all your servers today and disable it. </p>

  • AlanBourke

    21 April, 2022 - 3:32 am

    <p>The only surprising thing about this is I assumed it was already disabled in Windows 11.</p>

  • kevin_costa

    21 April, 2022 - 9:43 am

    <p>Me too. After the WannaCry incident, I remember MS saying that it would disable SMBv1 on Windows by default. I think starting W10 v1709 or v1803, the OS was shipped with SMBv1 disabled. This is not news, unless they are removing all the SMBv1 code from Windows soon. </p>

    • mikegalos

      21 April, 2022 - 9:45 pm

      <p>Precisely (although the article doesn’t really make that clear). The big thing is that it’s no longer installed rather than installed and not enabled. Now it takes a separate, conscious action to install the code.</p>

  • thea2_

    Premium Member
    21 April, 2022 - 6:56 pm


    • thea2_

      Premium Member
      21 April, 2022 - 6:58 pm

      <p>opps, sb1 is the default connection for kodi to other computers on network.</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC