Uninstall and disable SMBv1 in Windows

The original Server Message Block (SMB) version 1 (SMBv1) protocol is nearly 30 years old, and like much of the software made in the 80s, it was designed for a world that no longer exists. As a result, the SMBv1 protocol has significant security vulnerabilities, and Microsoft strongly encourages you not to use it. In this article, you will learn how to uninstall and disable SMBv1 in Windows.

Table of contents

What is SMBv1?

SMBv1, which stands for Server Message Block version 1, was created by Barry Feigenbaum in the early 80s as a file-sharing protocol for DOS. In the 90s, Microsoft started using SMBv1 in its operating systems as a protocol for sharing access to files, printers, and other resources on a network.

The SMBv1 protocol leaves your organization’s server/clients open to cyberattacks. It’s, therefore, important to stop using this more than 30-year-old protocol right now!

Get SMBv1 status in Windows

Check if the SMBv1 feature is installed with PowerShell.

PS C:\> Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

FeatureName      : SMB1Protocol
DisplayName      : SMB 1.0/CIFS File Sharing Support
Description      : Support for the SMB 1.0/CIFS file sharing protocol, and the Computer Browser protocol.
RestartRequired  : Possible
State            : Enabled
CustomProperties :
                   ServerComponent\Description : Support for the SMB 1.0/CIFS file sharing protocol, and the Computer Browser protocol.
                   ServerComponent\DisplayName : SMB 1.0/CIFS File Sharing Support
                   ServerComponent\Id : 487
                   ServerComponent\Type : Feature
                   ServerComponent\UniqueName : FS-SMB1
                   ServerComponent\Deploys\Update\Name : SMB1Protocol

Check the SMBv1 protocol status with PowerShell.

PS C:\> Get-SmbServerConfiguration | Select EnableSMB1Protocol

EnableSMB1Protocol
------------------
              True

How to uninstall and disable SMBv1 in Windows

It’s very important that you DISABLE and UNINSTALL SMBv1 protocol in Windows. Most administrators do only one of the tasks and think this is the correct way. Unfortunately, it’s not, and you have to do both.

Note: Ensure that you disable and uninstall the SMBV1 protocol in Windows.

1. Disable SMBv1 protocol

Disable SMBv1 protocol with PowerShell

PS C:\> Set-SmbServerConfiguration -EnableSMB1Protocol $false

Verify that SMBv1 protocol is disabled.

PS C:\> Get-SmbServerConfiguration | Select EnableSMB1Protocol

EnableSMB1Protocol
------------------
             False

2. Uninstall SMBv1 protocol feature

Uninstall the SMBv1 feature with PowerShell.

Note: You need to restart after uninstalling the SMBv1 feature.

PS C:\> Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

Check that SMBv1 feature is uninstalled.

PS C:\> Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol


FeatureName      : SMB1Protocol
DisplayName      : SMB 1.0/CIFS File Sharing Support
Description      : Support for the SMB 1.0/CIFS file sharing protocol, and the Computer Browser protocol.
RestartRequired  : Possible
State            : Disabled
CustomProperties :
                   ServerComponent\Description : Support for the SMB 1.0/CIFS file sharing protocol, and the Computer Browser protocol.
                   ServerComponent\DisplayName : SMB 1.0/CIFS File Sharing Support
                   ServerComponent\Id : 487
                   ServerComponent\Type : Feature
                   ServerComponent\UniqueName : FS-SMB1
                   ServerComponent\Deploys\Update\Name : SMB1Protocol

You successfully turned off and disabled SMBv1.

Read more: How to Enable TLS 1.2/TLS 1.3 on Windows Server »

Conclusion

You learned how to uninstall and disable SMBv1 in Windows. This can be Windows Server or Windows clients. Check the status and ensure SMBv1 is turned off and disabled. Suppose you have many Windows Servers and clients, an excellent way to push this change is through a GPO.

Did you enjoy this article? You may also like Install Windows Server on Virtual Machine. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect, IT Consultant, and Microsoft Certified Trainer. He started Information Technology at a very young age, and his goal is to teach and inspire others. Read more »

X TwitterLinkedIn

What Others Are Reading

This Post Has One Comment

  1. Thank you for the article. Always learn something new on your site.

    Quick two question,
    Does SMBv2 needs to be installed, if we remove SMBv1? or just leave the server the way it is?
    Since its enabled on my end, How could we tell if its being used?

    Thanks.
    John

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *