The Server Message Block (SMB) v1 protocol must be disabled on the system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-70639 | WN10-00-000160 | SV-85261r1_rule | Medium |
| Description |
|---|
| SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is known to be vulnerable to a number of attacks such as collision and preimage attacks as well as not being FIPS compliant. |
| STIG | Date |
|---|---|
| Windows 10 Security Technical Implementation Guide | 2016-10-28 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-76871r1_fix) |
|---|
| Disable the SMBv1 protocol. Run "Windows PowerShell" with elevated privileges (run as administrator). Enter the following: Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol Alternately: Search for "Features". Select "Turn Windows features on or off". De-select "SMB 1.0/CIFS File Sharing Support". |