Microsoft Issues Security Update to Disable Outdated Network Links
In a move aimed at enhancing cybersecurity, Microsoft's September 2025 security update has severed the connection to Server Message Block (SMB) version 1 file shares, causing disruption for many organisations still relying on the outdated protocol.
The root of the problem lies in connections over NetBIOS over TCP/IP (NetBT), a feature that is integral to SMBv1. As a result, organisations that have not yet migrated from SMBv1 now face a problem: their file shares are no longer accessible.
This issue affects a wide range of modern Windows systems, including Windows 11, Windows 10, and server versions 2022 and 2025. The outages have caused concern, especially considering that most organisations still rely on SMBv1 due to legacy systems and applications, compatibility issues with older devices, and the complexity or cost involved in migrating to newer, more secure versions.
The WannaCry ransomware attack in 2017, which caused billions of dollars in global damage by exploiting SMBv1 vulnerabilities, serves as a stark reminder of the security risks associated with the protocol. Despite migration recommendations, the transition has been delayed or complicated for many, leading to the current situation.
Microsoft declared SMBv1 obsolete in 2014 and has since been pushing for migration to more secure versions. The company offers a temporary solution: administrators should free up the TCP port 445. Microsoft is also expected to publish a permanent solution for the connection problem in early October.
For cybersecurity professionals, using SMBv1 in 2025 is seen as negligence due to its documented weaknesses. SMBv1 is a relic from the 1990s and lacks fundamental security features of modern SMBv2 and SMBv3 implementations. The ultimate goal of any security-conscious organisation should be the complete elimination of SMBv1 from the network environment to permanently close a known security vulnerability.
IT managers are advised to identify all devices and applications that still rely on SMBv1 and develop a migration plan to supported technologies. The long-term prognosis for SMBv1 remains unchanged: The protocol is dying, and its removal is imminent.
In a parallel move, Microsoft also announced the removal of Windows PowerShell 2.0 from future server versions in the September update. This decision further underscores Microsoft's commitment to modernising its technologies and enhancing security.
The current disruption mainly affects companies that have not yet fully migrated from SMBv1, often due to dependencies on old hardware or software. As the deadline for SMBv1's removal approaches, it is crucial for organisations to prioritise their migration plans to avoid potential disruptions and ensure their networks remain secure.
Read also:
- Electric-powered vessels take to the waters of Maine
- Elon Musk accused by Sam Altman of exploiting X for personal gain
- Comparing the value of top electric scooters: Kinetic DX versus Bajaj Chetak versus TVS iQube - Which one offers the best bang for the buck?
- American Eagle's risque promotional effort featuring Sydney Sweeney leads to the brand being categorized as a 'trendy stock' among teenagers.
