The SMBv1 file-sharing protocol has been used to spread WannaCry ransomware, and now Microsoft has announced that it will remove smbv1 file sharing protocol to prevent the next WannaCry ransomware attack. It will remove it from Windows 10 starting with the upcoming Redstone 2 update.
It was a hard attack for many organizations all over the world, a new ransomware attack called ‘WannaCry’ is encrypting files and changing the extensions to .wnry, .wcry, .wncry and .wncrypt. that started its attack against hospitals across the UK and many businesses in Russia and across Asia, the malware eventually infected unpatched Windows servers running SMBv1 in more than 150 countries across the globe.
Server Message Block (SMB), one version of which was also known as Common Internet File System, operates as an application-layer network protocol mainly used for providing shared access to files, printers, and serial ports and miscellaneous communications between nodes on a network. It also provides an authenticated inter-process communication mechanism.
Microsoft has lately published that the beta release of Windows 10 “Creators Update,” also known as “Redstone 2” has disabled the Server Message Block version 1 (SMBv1) protocol, using a custom “MS Security Guide” ADMX file so that the settings can be exposed through the Group Policy editor.