Blog Post

Storage at Microsoft
9 MIN READ

SMB is Dead, Long Live SMB!

JamesKehr's avatar
JamesKehr
Icon for Microsoft rankMicrosoft
Feb 26, 2020
Hello again, James Kehr here with another guest post. Titles are hard to do. They must convey the topic to the reader while being both interesting and informative, all at the same time. Doing this wi...
Updated Nov 09, 2023
Version 2.0
JBJBJB's avatar
JBJBJB
Copper Contributor
Sep 08, 2021

"Blame your developers for not keeping up with SMB security evolution, not Microsoft."

 

No. I blame MS for stupidly implementing buggy, risky code.

Today is 9/7/2021.

There are 1127 CVE Records that match Win10 as of today.

There are 1241 CVE Records that match Win 7 as of today.

There are 6342 CVE Records that match Microsoft as of today.

A favorite..

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3238The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbitrary code by providing a crafted print driver during printer installation, aka "Windows Print Spooler Remote Code Execution Vulnerability."
 
Since 20 friggin' 16. What was this about "keeping up"?

 

I can see why you don't want anyone looking at MS. Place the blame on others. Great strategy.

I, and as many associates as I can persuade, have left MS for other venues.