SMBv1 protocol: what it is, whether support is still needed, and how to enable and disable it

The computer has been modernized so thoroughly that it might seem almost perfect, were it not for its enormous susceptibility to virus attacks, which often put the PC out of action. To keep their machines safe, responsible users install third-party anti-virus applications, and operating system developers ship built-in protective components that provide basic protection while the machine runs and performs its tasks normally. Alongside these protective tools, the system also contains components already labelled "problematic", which attackers can use to carry out fraudulent operations. One such component, and specifically whether it is reliable and still meets current requirements for protecting devices, is the subject of this article. We will explain what the SMBv1 protocol, a part of the Windows operating system, is; analyze whether it is still needed and whether its use is still relevant; and, based on that, describe how to turn it on or off.


The need for SMBv1 support in Windows

For many PC users without specialist knowledge of computer technology, the phrase “SMBv1 protocol” is unclear, so before deciding whether the system needs this component for specific tasks, it is necessary to understand what it is for. The first version of the SMB protocol is a default system component of Windows, regardless of edition; it is responsible for file sharing on a PC, and its “age” is about thirty years. By the standards of computer technology, a protocol of that age can naturally be called obsolete, yet SMBv1 support is, for reasons that may seem unclear, present not only in the seventh and eighth versions of the OS but also in the newer tenth. The reason is not incompetence on the part of Microsoft's developers, but simply the everyday use of file products that cannot work without this protocol.

ATTENTION. This raises a logical question: why discuss disabling this support at all if it is still used, and even necessary, in a certain area of computer activity? The answer lies in something almost everyone has heard about: the virus attack that paralyzed computer systems several years ago, under the name Petya, got into PCs through a vulnerable area. That “weak link” was this protocol.

Other well-known ransomware, such as WannaCry, Satana and similar viruses that can completely paralyze a computer, reaches PCs through the same loophole. The infection completely locks the system. For an ordinary PC user the way out is to reinstall the OS; for global companies that method is unacceptable, which leaves them to agree to the extortionists' terms or look for ways to deactivate the malware.

With the problem understood, the next question is whether this protocol, which is responsible for file exchange on the local network and for working with files, is needed at all, that is, whether to disable or enable SMBv1 support on your PC. The answer depends on the applications the user works with. If the user runs applications that require the SMBv1 protocol, support has to be enabled, since otherwise it will be impossible to work with them. On the official Microsoft website, a user can check the list of applications that require this support. If the PC owner does not use anything from that list, the protocol should be disabled in order to “close” the vulnerable area in the system, while it is possible, and even necessary, to keep the protected versions of SMB enabled. Below we look at how to enable and disable the protocol; the procedure differs depending on the version of the installed OS.

How to enable SMBv1 protocol

The need to use SMBv1 is very doubtful, since fewer and fewer files on the network require it, and their number is shrinking to almost zero. Accordingly, questions about enabling support for the first version of SMB are extremely rare; the need to block the protocol is considered more relevant, and it is discussed later.

It is worth noting that SMBv1 is enabled in all versions of the OS starting with Windows 7, so the question of turning the protocol on does not arise on those systems. The exception is the updated Windows 10, version 1709 and above, in which the developers have deactivated support for the first version of SMB. Users whose computer runs one of the updated systems sometimes need to work out how to enable SMBv1 in Windows 10 when the module is required for specific tasks, in particular to lift the ban on access to network folders. To activate the protocol, open Windows Features, find the SMB 1.0/CIFS File Sharing Support entry, expand it, and tick the checkboxes you need next to SMB 1.0/CIFS Client, SMB 1.0/CIFS Automatic Removal and SMB 1.0/CIFS Server. You can activate all of them at once by ticking the checkbox in front of the entry name. After confirming the changes, you will need to restart the PC.

Having removed the restriction on the protocol, the user should understand that the risk of the system being infected increases significantly.

Protocol deactivation methodology

If the owner of the PC does not plan to work with file applications that require SMBv1 support, the protocol must be deactivated. Disabling SMBv1 is not a complicated process, and any user can do it at home once they know the steps. There are several ways to disable the protocol, because the procedure varies with the version of the operating system installed on the PC, and the user must take this into account. On Windows 7, SMBv1 is disabled by changing registry settings. When working in the registry, be very careful: incorrect changes to its structure can damage system integrity, leading to complete failure or a significant loss of performance. To disable the SMBv1 protocol, perform the following steps:

  1. First, find "Registry Editor" through the "Start" menu by typing Regedit in the search box.
  2. To gain access to the registry, run it as “Administrator” by right-clicking its name.
  3. In the left pane of the window that opens, navigate from HKEY_LOCAL_MACHINE to the SYSTEM folder, and from there follow the path CurrentControlSet / Services / LanmanServer.
  4. Expand the LanmanServer folder to reach the Parameters subsection, in which you need to create a new value. To do this, right-click the Parameters folder to open the drop-down list, select the "Create" command, and then choose the sub-item "Parameter DWORD (32 bit)".
  5. Name the created value SMB1. By default, it is created with a value of zero, so there is no need to edit it: the digit “0” in this case is interpreted as “disabling the protocol”.

Next, restart the PC to apply the changes; this disables SMBv1 in Windows 7. Once deactivated, the module will no longer be a vulnerability for virus attacks that use the first version of the SMB protocol to get into the system.

For the eighth and subsequent versions of Microsoft operating systems, the steps for disabling SMBv1 support are as follows:

  1. In the "Control Panel", go to "Programs", then to "Programs and Features", and select the "Turn Windows features on and off" task.
  2. In the window that opens, find the component called “SMB 1.0/CIFS ...”, clear the check mark in front of it, and confirm the change by pressing the OK button at the bottom of the screen.

After you confirm the changes, the system offers to restart the PC so that they take effect.
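The two procedures above (the SMB1 registry value on Windows 7 and the Windows feature on Windows 8 and later) can also be checked and applied from an elevated PowerShell prompt. The script below is an added example, not part of the original article; the function names Get-Smb1State and Disable-Smb1 are hypothetical, and SMB1Protocol is the Windows feature name behind the “SMB 1.0/CIFS ...” checkbox.

```powershell
# Added example: audit and disable SMBv1 with the two methods described above.
# Assumes an elevated (Administrator) PowerShell session.
$ParamsKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-Smb1State {
    # Registry method (Windows 7): SMB1 = 0 means disabled; if the value is
    # missing, the OS default applies.
    $reg = (Get-ItemProperty -Path $ParamsKey -Name SMB1 -ErrorAction SilentlyContinue).SMB1
    if ($null -eq $reg) {
        $regState = 'NotSet (OS default)'
    } elseif ($reg -eq 0) {
        $regState = 'Disabled'
    } else {
        $regState = 'Enabled'
    }

    # Windows Features method (Windows 8 and later): the DISM cmdlets do not
    # exist on Windows 7, so probe for them before calling.
    $featState = 'NotApplicable'
    if (Get-Command Get-WindowsOptionalFeature -ErrorAction SilentlyContinue) {
        $feat = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
        if ($feat) { $featState = [string]$feat.State }
    }
    New-Object PSObject -Property @{ RegistrySMB1 = $regState; Feature = $featState }
}

function Disable-Smb1 {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param()
    if (Get-Command Disable-WindowsOptionalFeature -ErrorAction SilentlyContinue) {
        # Equivalent of clearing the checkbox in "Turn Windows features on and off".
        if ($PSCmdlet.ShouldProcess('SMB1Protocol', 'Disable Windows feature')) {
            Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
        }
    } elseif ($PSCmdlet.ShouldProcess("$ParamsKey\SMB1", 'Set DWORD to 0')) {
        # Equivalent of steps 4 and 5: creates the SMB1 value if it is absent.
        Set-ItemProperty -Path $ParamsKey -Name SMB1 -Type DWord -Value 0 -Force
    }
    # Either change takes effect only after the PC is restarted.
}

Get-Smb1State          # report the current state
Disable-Smb1 -WhatIf   # preview only; remove -WhatIf to apply the change
```

Run Get-Smb1State again after the restart to confirm that the registry value or feature state reads as disabled.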

Summarizing

This article has covered the methods for disabling the first version of the SMB protocol on different operating systems. If several networked computers need to be secured at once, the same changes should be applied through group security policy; the step-by-step procedure is described in detail on the Microsoft website. Remember that system security should be a priority for the PC user, and since even the OS developers recommend disabling this component, you should not ignore this step and should carry it out without delay.