June 28, 2017 by Tal Widerman
The WannaCry ransomware burst onto the world's computers in May 2017, sending IT managers into panic and, in particular, organizations that still use old operating systems running SMBv1 (such as Windows XP and Windows Server 2003).
The Microsoft SMBv1 file-sharing service is old, nearly 25 years old. The protocol, like most of the software developed in the 80’s, was designed for a world that no longer exists: a world without malicious actors, without the vast sets of important data, without near-universal computer usage.
List of supported features in today's SMB latest dialect.
The Petya attack on Win XP machines:
Why so many organizations are still stuck with the old and vulnerable SMBv1 protocol? The simple answer is, they find it technically or financially impossible to move forward and modernize all of their XP or Server 2003 machines to newer operating systems that support newer SMB dialects.
Then there are organizations that use the more recent Windows Vista, Windows 7 or Server 2008. They stand better protected through the SMBv2 protocol, but are still not completely safe. Encrypted file sharing was initiated through the SMBv3 protocol that came with Windows 8 and Server 2012. See here for different versions of SMB protocols.
Microsoft is taking a stand
As of January 2018, Microsoft has officially disabled SMBv1 in Windows operating systems. This means that the older machines that support SMBv1 only, are not able to communicate with newer machines. When trying to connect to an SMBv1 only machine this is the error message received:
"You can't connect to the file share because it's not secure. This share requires the obsolete SMB1 protocol, which is unsafe and could expose your system to attack."
Overcoming the obstacle
Visuality Systems understands the danger and difficulty that these organizations are confronted with, and offer a solution that will allow organizations to continue using older Windows machines with the latest SMB protocol version. NQ™ for Windows is a portable solution and can solve this issue by replacing the outdated SMBv1 with the latest SMB dialect in legacy Windows systems such as Windows XP and Server 2003.