SMBv1 Windows Exploit "Fix" Problem – Why Disable Auto Updates?
THREAT REMOVAL

SMBv1 Windows Exploit “Fix” Problem – Why Disable Auto Updates?

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by SMBv1 and other threats.
Threats such as SMBv1 may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

New information has come to our attention that there is a specific Windows patch, which aims to address issues in the SMBv1 of Windows, more specifically removing it. SMB is in several versions and it stands for Server Message Block protocol and it is in v1, v2 and v3 and the v1 has been related to a lot of exploits over time, resulting in people discarding their older printers and hardware, supporting this protocol. But since the new patch Tuesday coming to the computers of Windows users contains a buggy fix, it is advisable for users to avoid this fix by disabling their updates.




The SMBv1 Vulnerability “Fix” – Why It’s Risky?

Since the recent Microsoft updates, the Windows 10 version 1803 was pushed to computers that were not set to receive it as an update and despite Windows 7 computers have been detected to stil install Windows 10 automatically, it is important for people to be on alert.

The 1803 version of Windows 10 has the SMBv1 running and some devices are set up to have it. The Microsoft user community has long known of the problems that are related to SMBv1 primarily in terms of security. The whole problem, according to the user guenni in his blog post is that ever since 2017, Microsoft has announced that it will expire, but it is still remaining on some computers. The sole vulnreability is well concealed within the activation of the SMBv1, which is a rather risky step, because it does not fix the network issues that are related to it. So the version 1803 of Windows 10 has the so-called “missing SMBv1” issue. After there is an update of Windows 10, the SMBv1 issue is not solved, since if you do not use SMBv1 for 15 days after it has been disable, the update automatically uninstalls it. So, basically this not only brings issues to users who have the SMBv1 protocol and use folder sharing, but may also open a large vulnerability for their computer. This can be solved by switching to SMBv2 and SMBv3 in their server and client environment, however, there are many situations where such switch is impossible, because the servers or the NAS drives support SMBv1 only, which basically needs you to activate it.

So, according to Microsoft, the main security issue, related to SMBv1 for Windows 10 is related to the connection itself, which results in an access error occurring to your database after the Windows 10 April Update has occurred. Such error has bot been seen in the previous builds of Windows. And in addition to this, the Windows Defender software and Windows Firewall may also cause further SMBv1 file sharing issues.

So a way to go around it in case you are using the SMBv1 is that you can install a free antivirus and firewall of third parties and disable Windows Defender and Firewall and the protocol starts to function properly again.

But since SMBv1 is something that only old machines use, many users want to remove it from their computers.

More Issues With Version Windows 10 Version 1803

If you have this version, be advised that there are other issues with it as well, such as the new Graphic User Interface that is removed in 1803 and was available in the previous versions of Windows.

Another very talked about issue of Windows 10 1803 is the Automatic Updates which need a lot of digging to be turned off and if you lack the Pro version, you cannot turn them off, since Group Policy cannot be accessed. The Group Policy method of stopping updates, previous functioned in versions 1607 , however it may not work on the newer builds. This and several other reasons such as the increased difficulty of disabling Cortana, for which you have to tamper with the Windows registry editor to do so.




What Are The Choices and What to Do When It Comes to Windows Updates and SMBv1

First of all, if you have not disabled SMBv1 and you do not use it and want to disable it, you can do it via following these steps:

Step 1: On your search bar type “Turn Windows features on or off”.
Step 2: Locate the following features and disable them:

There are many things that you can do in order to prevent those updates from happening. The most radical choice of them is to downgrade your operating system to an older version of Windows, for which you can check the instructions in the related article below:

How to Downgrade from Windows 10 to 7, 8, 8.1

Another workaround and a possible solution to this issue is to focus on rolling back the upgrade itself. This can happen by following these instructions:

Step 1: Go to Update & Security (Start Menu-Settings-Update&Security)
Step 2: On your left, choose Recovery.
Step 3: Click on Get Started under the “Go back to the previous version”.
Step 4: Choose an earlier build of Windows 10, for example 1607 and above builds.

After doing this, to prevent Windows from serving you these updates once again, the best thing that you can do is follow the instructions below to stop and nlock Automatic Updates in Windows 10 and prevent your OS from returning back to this version.

Stop or Block Automatic Updates in Windows 10

Conclusion

Even though Microsoft is likely to push this update to more computers, we advise that you be on the lookout and also wait for a newer build, that addresses these SMBv1 issues, if SMBv1 is important for you. In addition to this, it is also good to keep Microsoft on a short leash and always stay updated to the latest developments and news about Windows 10, because over time there have been numerous updates and vulnerabilities that have cause issues, similar to the SMBv1 situation. And be advised that disabling Windows Updates is not reccomended in general and if you are planning on doing this, we advise that you disable them only temporary, until there is a fix for the SMBv1 issues.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...