@johncoast an excellent question. Pre-auth integrity only protects
against downgrade attacks that would disable things like signing
requirements. You will still want to use signing or encryption to stop
tampering, stealing, etc of the actual SMB payloads.
@Ned Pyle Thank you for your articles, very useful! I'm trying to
understand something : if a network only uses smb 3.1.1 would signing
still be an important factor or would pre-authentication integrity
guarantee no tampering, no mitm, no credential stealing?
Yes, its not in my list, is there a way to install it manually ? Ideally
version 2 or 3, because I read first version is not safe ? Stupid to
have bought a NAS server but being unable to comunicate with it.
@erpmanila3w I don't have timeline details to share, other than it will
not be happening at the next major release. It will come to Insiders
first and be on the Windows feature removal page Features and
functionality removed in Windows client - What's new in Windows |
Microsoft Learn, so it will not...
@Ned Pyle I was wondering when will Microsoft completely remove SMB1 in
future versions of Windows 11, meaning the feature will no longer be
listed nor available in the Windows Features list. do you have any new
information as to when that will happen?
Latest Comments