What is the real danger of allowing an SMB 1 client to access files on a legacy device (which is not SMB 2 capable) on the local network?

I have an old device which is not SMB 2 capable. Much has been written about the danger of using SMB1 (e.g. ). I would like to access files on this device from a current Windows 10 client. Windows 10 still allows enabling SMB1 through the checkbox "SMB 1.0/CIFS client" in "Turn Windows features on or off" in Control Panel. Is there any real danger for the Windows 10 client in doing so?

1

1 Answer

If the old device server is not accessible from the internet and is not used for internet surfing, it's as secure as the rest of your local network.

In order for it to be infected, another device from the LAN must be infected first, then propagate the infection. I think that at this point the whole question of SMBv1 vulnerability becomes somewhat moot.

SMBv1 vulnerability is dangerous for larger networks. A modest home LAN should avoid SMBv1, but an old device disconnected from the internet cannot be used as an entry-point by an attacker.

For more information, see :

1
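An added example, not part of the question or the answer above: a PowerShell audit for the Windows 10 client that checks that only the client half of SMB1 (the "SMB 1.0/CIFS client" checkbox) is enabled and that SMB1 sessions go only to the legacy device. It assumes an elevated session, and `$LegacyDevice` is a constructed placeholder for the name or address used in the UNC path to that device.

```powershell
# Added example; run in an elevated PowerShell session on the Windows 10 client.
# Assumption: placeholder for the legacy device as it appears in the UNC path.
$LegacyDevice = '192.168.1.50'

# 1. State of the two SMB1 optional features. Only the client half is needed
#    to reach a legacy share; the server half should remain Disabled so this
#    PC does not itself offer SMB1 to the LAN.
$features = foreach ($name in 'SMB1Protocol-Client', 'SMB1Protocol-Server') {
    Get-WindowsOptionalFeature -Online -FeatureName $name |
        Select-Object FeatureName, State
}
$features | Format-Table -AutoSize

$serverFeature = $features | Where-Object FeatureName -eq 'SMB1Protocol-Server'
if ($serverFeature.State -eq 'Enabled') {
    Write-Warning 'SMB1 server feature is enabled; the legacy device only needs the client.'
}

# 2. Whether this machine's own SMB server would accept SMB1 sessions.
$acceptsSmb1 = (Get-SmbServerConfiguration).EnableSMB1Protocol
"Local SMB server accepts SMB1: $acceptsSmb1"

# 3. Dialect negotiated on each current outbound SMB connection.
#    SMB1 sessions are reported with a dialect beginning with "1.".
$smb1Sessions = Get-SmbConnection | Where-Object { $_.Dialect -like '1.*' }
$smb1Sessions | Select-Object ServerName, ShareName, Dialect | Format-Table -AutoSize

# 4. Any SMB1 session to a host other than the legacy device is unexpected:
#    that peer should be speaking SMB 2 or later.
$unexpected = $smb1Sessions | Where-Object { $_.ServerName -ne $LegacyDevice }
if ($unexpected) {
    Write-Warning ("SMB1 negotiated with unexpected host(s): " +
        (($unexpected.ServerName | Sort-Object -Unique) -join ', '))
} else {
    'No SMB1 sessions to hosts other than the legacy device.'
}
```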
