To keep up with customer satisfaction, Microsoft has slowly been removing vulnerabilities in their operating systems and last year began the process of decommissioning an old messaging protocol called SMBv1. As of the Windows 10 version 1803, it has been all but eliminated from every supported Microsoft operating system.
However, this has left some configurations unable to effectively communicate with newer operating systems, which has caused issues for our customers. Read on as we cover some of frequently asked questions on this topic and learn how to best alleviate these bottleneck issues.
So, what happened?
SMBv1 is a messaging protocol for the underlying communications used by programs working across a Microsoft network. This messaging protocol was long ago superseded by v2 and v3, but it has continued to be included in newer releases up until this 1803 update – although while it was still available, it was disabled by default.
With common, security related IT issues, Microsoft decided to button up this potential liability once and for all, and several vulnerabilities were done away with in the newer SMBv2 and SMBv3. Unfortunately, these changes make network communication between Windows 10 and Server 2003, Windows XP, and some printers and programs very difficult.
With Windows 7, for example, it is possible to disable SMBv1 and enable SMBv2 or v3 to connect to a Windows 10 system. Previously, it was also possible to enable SMBv1 on Windows 10 to make it backwards compatible. This still lead to security vulnerabilities, as simply having SMBv1 as an option on either side of the connection is enough to initiate a man-in-the-middle attack using SMBv1. As of the 1803 update, SMBv1 is completely turned off and cannot be re-enabled for Windows 10.
Any system still running SMBv1 will need to have it disabled in order to use v2 or v3. Since this is not an option for Server 2003 or Windows XP, it leads to a connection issue. Both XP and Server 2003 have been end-of-lifed by Microsoft at this point, so the only solution is going to be upgrading machines running those operating systems. Similarly, other configurations will no longer receive updates, and replacing them is likely the only option.
How can I resolve these issues in my operations?
This issue has been a major stumbling block since this update left many programs and printers incapable of using SMB v2 or v3. This combined with Windows XP and Server 2003 not supporting SMBv1 has led to companies facing issues with printing, data quality services, and network installs. Unfortunately, there is no specific error we have consistently seen to make this issue easily identifiable.
One step to take if you experience issues like this is to review what version of Windows is involved at every point of your workflow – the printer software, the printer server, your BCC Mail Manager™ server, and the BCC Mail Manager client should all be checked to see if an older program or operating system is being utilized,especially if another machine in the process is running a newer version of Windows and has been recently updated.
You can find out how to enable or disable the various versions of SMB here, and the current list of programs known to only support SMBv1 here. As always, you can also reach out to BCC Software customer support at 800-624-5234 for help identifying and remedying these potential issues. We are here to help.