Microsoft strongly recommends that administrators disable the SMBv1 protocol on Exchange servers.
Let me remind you that Microsoft has been implementing a systematic refusal to use the outdated SMBv1 for a long time. So, since 2016, the company advises administrators to withdraw from support for SMBv1, since this version of the protocol almost 30 years ago does not contain the security improvements that were added in later versions. These enhancements include encryption, integrity checks before authentication to prevent man-in-the-middle (MiTM) attacks, blocking insecure guest authentication, and more.
Now the Exchange Team has once again reminded administrators of the insecurity of using SMBv1 due to the fact that they are still actively abused by various malware: in particular, exploits EternalBlue and EternalRomance, as well as the malware TrickBot, Emotet, WannaCry, Retefe, are also exploiting it. , NotPetya, Olympic Destroyer and so on. Known SMB problems can be used to spread infection to other machines, perform destructive operations, and steal credentials.
In this regard, Microsoft specialists once again strongly recommend that you disable the legacy version of SMB on Exchange 2013/2016/2019
Recently news
746 arrests, 2 tons of drugs, 54 million pounds and dozens of weapons. EncroChat anonymous service successfully hacked in Europe
Microsoft has released a tool to recover lost or deleted data
Microsoft Announces “New Retail Approach”
BlueLeaks: activists published data of 200 police agencies in the public domain
The new vulnerability “hits” AMD processors, but does not affect Intel CPUs. But there is nothing to worry about
Google Chrome will finally become less gluttonous in Windows 10