Buzz
SMB is a protocol that allows client applications on a computer to read and write files and request services from server programs in a computer network. Recently, improved protocols based on SMB have been continuously exploited by hackers to spread ransomware, such as WannaCry, causing concern among many users.
SMBv1 (Server Message Block version 1) is one of the oldest protocols, and by default, this protocol is still enabled on Windows. SMBv1 is an old and insecure protocol, and exploiting this, recent ransomware attacks such as WannaCry Ransomware and most recently Petya (similar to WannaCry) have utilized SMBv1 to spread rapidly and infect thousands of systems worldwide.
Upgrade to SMBv3 for enhanced security
In this article, Mytour will guide you through 3 methods to disable SMBv1 on Windows, including: via Windows Features, Windows PowerShell, and Windows Registry.
Disable SMBv1 via Windows Features
The simplest way to disable SMBv1 is to use Windows Features. To disable SMBv1 through Windows Features, first open Control Panel by typing Control Panel in the Search box on the Start menu, then select Control Panel from the search results list.
Navigate to Programs and Features in the Control Panel window.
Next, in the Programs and Features window, find and click on the Turn Windows Features On or Off link on the left pane to open the Windows Features window.
Here, scroll down to find and uncheck the option named SMB 1.0/CIFS File Sharing Support, then click OK to save the changes.
After saving the changes, Windows will prompt you to restart the system to apply this change. Simply click Restart Now for the changes to take effect.
Disable SMBv1 via PowerShell
You can also utilize Windows PowerShell to disable SMBv1. Type PowerShell in the Search box on the Start menu, then right-click on PowerShell in the search results and select Run as Administrator to open PowerShell with Admin privileges.
In the PowerShell window, enter the following command to check whether SMBv1 is enabled or disabled:
Get-SmbServerConfiguration
In the example provided, you can see that the SMBv1 protocol is currently enabled. To disable SMBv1, use the command below:
Set-SmbServerConfiguration -EnableSMB1Protocol $false
After executing the above command, you will be prompted to confirm whether you want to disable SMBv1 or not. Enter Y and then press Enter to confirm.
At this point, SMBv1 on your system has been disabled. If you want to check again, you can use the first command to see if SMBv1 has been disabled or not.
If you wish to enable (turn on) SMBv1 again, you can use the command below:
Set-SmbServerConfiguration -EnableSMB1Protocol $true
Disable SMBv1 via Windows Registry Editor
To disable SMBv1 via Windows Registry, access Registry Editor by typing regedit into the Search box on the Start menu, then select and open Windows Registry from the search results.
In the Windows Registry window, navigate to the path as shown below. If you are using Windows 10, you can copy and paste the path into the address bar and press Enter:
In the right pane, right-click on any empty space, select New =>DWORD (32-bit) Value.
Name the new value SMB1 and press Enter.
Double-click on the newly created value and set the value data in the Value Data box to 0, then click OK.
Finally, restart your system, and SMBv1 will be disabled. In case you want to enable SMBv1 again, follow the same steps and change the value in the Value Data box to 1.
Here, Mytour has just introduced 3 ways to disable SMBv1 on Windows for you. If you have any questions or concerns, feel free to contact Mytour by leaving your comments and opinions in the comment section below each article. Mytour will respond to your inquiries as soon as possible. Additionally, if you are using Win 10, you can refer to the article evaluating SMB zero-day vulnerability here to learn how it affects Windows 10 PC/laptop.
