From Tom's Hardware: Microsoft's principal program manager, Ned Pyle, addressed new security changes with Windows 11 24H2 via the Microsoft blog. The changes will deny access to unsecured routers with USB ports and some Network Attached Storage devices. Pyle mentions that the upcoming upgrade abandons the much earlier variants of the Server Message Block (SMB) protocol and hence the potential issue.
Pyle explains that SMB1 is over forty years old, and warnings of its demise have been echoed since 2022. The Windows 11 24H2 takes one step forward, as it requires SMB signing by default, which will avoid tampering on the network. Guest fallback will be disabled on Windows 11 Pro Edition, which provides better security as it allows access to an SMB server without a username or password.
This added security is long overdue as SMB signing has been available in Windows for thirty years as an option. Guest in Windows was deprecated twenty-five years ago, while the Guest fallback option was disabled in Windows 10 Enterprise, Education, and Pro for Workstation editions. These security implementations have also been present in Windows Insider Dev, and Canary builds for a year. Pyle says that this change in Windows 11 24H2 will secure over a billion devices as it will force NAS and router makers to update unpatched devices.
View: Full Article