Windows Server 2019 must not have the Server Message Block (SMB) v1 protocol installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-205682 | WN19-00-000380 | SV-205682r958478_rule | CCI-000381 | medium |
| Description | ||||
| SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is known to be vulnerable to a number of attacks such as collision and preimage attacks and is not FIPS compliant. | ||||
| STIG | Date | |||
| Microsoft Windows Server 2019 Security Technical Implementation Guide | 2025-05-23 | |||
Details
Check Text (C-205682r958478_chk)
Different methods are available to disable SMBv1 on Windows Server 2019. This is the preferred method; however, if WN19-00-000390 and WN19-00-000400 are configured, this is NA.
Open "Windows PowerShell" with elevated privileges (run as administrator).
Enter "Get-WindowsFeature -Name FS-SMB1".
If "Installed State" is "Installed", this is a finding.
An Installed State of "Available" or "Removed" is not a finding.
Fix Text (F-5947r354965_fix)
Uninstall the SMBv1 protocol.
Open "Windows PowerShell" with elevated privileges (run as administrator).
Enter "Uninstall-WindowsFeature -Name FS-SMB1 -Restart".
(Omit the Restart parameter if an immediate restart of the system cannot be done.)
Alternately:
Start "Server Manager".
Select the server with the feature.
Scroll down to "ROLES AND FEATURES" in the right pane.
Select "Remove Roles and Features" from the drop-down "TASKS" list.
Select the appropriate server on the "Server Selection" page and click "Next".
Deselect "SMB 1.0/CIFS File Sharing Support" on the "Features" page.
Click "Next" and "Remove" as prompted.