Security News > 2023 > November > Microsoft drops SMB1 firewall rules in new Windows 11 build
Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build.
Before this change and since Windows XP SP2, creating SMB shares set up firewall rules automatically within the "File and Printer Sharing" group for the specified firewall profiles.
Following the introduction of Windows 11 Insider Preview Build 25982 in the Canary Channel, administrators can now enforce SMB client encryption for all outbound connections.
Admins can also configure Windows 11 systems to block sending NTLM data over SMB automatically on remote outbound connections to thwart pass-the-hash, NTLM relay, or password-cracking attacks, starting with the Windows 11 Insider Preview Build 25951.
With the Windows 11 Insider Preview Canary Build 25381, Redmond also started requiring SMB signing by default for all connections to defend against NTLM relay attacks.
Last year, in April, Microsoft revealed the final phase of disabling the decades-old SMB1 file-sharing protocol for Windows 11 Home Insiders.
News URL
Related news
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)