Windows 10 April 2018 Update does not work very well with SMB v1, but a fix is on the way

Microsoft is not the biggest fan of SMB v1, the old and vulnerable Windows file sharing protocol which was so badly exploited during the Wannacry attacks. In fact a fresh install of Windows now no longer includes support for the protocol, and Home and Pro users would have the protocol automatically disabled if they did not use it for 15 days.

While Microsoft recommended users upgrade to a later and more secure version of the protocol they have not actively interfered with clients who were actually still using the networking service (which old versions of Windows Server still depend on) – until Windows 10 April 2018 update that is.

On Microsoft’s support forums users are complaining:

We have an application that runs from a network location. It has always worked fine in Windows 10 through latest cumulative 1709 builds. Since updating online to 1803 (17134.1) it will not run from the network.

The source of the problem has been hard to pin down, but some users believe Windows Defender is treating SMB v1 connections as suspicious, and that replacing the antivirus with another will resolve the issue.

Microsoft’s Ned Pyle told the Register:

I suspect they are referring to a problem where they have SMB1 client installed but running applications off a remote SMB1 share, while using antivirus that interrogates processes creating on remote paths through a minifilter driver. It’s not a general inability to connect or access files, I believe.

Ned believes a fix will come in the June 2018 Cumulative update, but Microsoft ultimately suggests users get off the protocol before even more holes are discovered.

Microsoft’s advice can be read in two Knowledge Base articles (KB4103721 and  KB4100403.)

Via The Register