As of now, there is a rate limit for SMB authentication. This automatically activates and limits login attempts to make this attack surface less attractive to malicious actors. Microsoft has now announced another change to SMB authentication.
That’s what Ned Pyle, Director of Programs at Microsoft says Post new information on the topic. Accordingly, as a test in Windows 11 Pro, you will first start by disabling the insecure SMB guest authentication routines. This change was actually made recently Insider Preview Build 25267 and 25276.
What is an SMB connection?
Server Message Block (SMB) is a network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs on a computer network. So it is used if you use NAS devices to backup data, for example.
High security risks
Microsoft justifies the change by saying that guest authentication does not support audit trails and security mechanisms such as signing and certificates. As such, they are a very seductive vector for man-in-the-middle (MITM) attacks. In the worst case, a malicious actor could use the guest login to gain read or copy access to an entire network without leaving an audit trail. However, deactivation is only optional, meaning you can undo it and set it to active again if needed. To request guest access, temporarily enable SMB2 or SMB3 guest fallback to allow access. However, SMB1 should not be used due to the security vulnerabilities of the old protocol. On current Windows 11 Pro Insider builds, changes will now be enabled by default and will generally be available with the “next major release” of the operating system.
See also:
“Social media evangelist. Baconaholic. Devoted reader. Twitter scholar. Avid coffee trailblazer.”
More Stories
Ubisoft wants to release a new Assassin's Creed game every 6 months!
A horror game from former developers at Rockstar
Turtle Beach offers the Stealth Pivot Controller for PC and Xbox