security policy
Author: 
Sébastien Degrève

Security problems are now really handled by Microsoft. The last Windows 10 Build (1709) improves the security and that's really nice!

What are the new security features in Windows 10 Build (1709) ?

  • WPA2 Krak patch (comes with the september security rollout)
  • SMB v1 will be uninstalled.
  • SMB v2 with authentication forced. <- It might be cool but,...

Does this have an impact on my network?

Yes, access to SAMBA share as guest are blocked now! It already was not a good idea, but now you should really forget about setting up shares with poor security. Forget the old : "everyone access", "guest access" or "public access",... they are now blocked on Windows 10.

You'll quickly meet this kind of message:

"You can't access this shared folder because your organization's security policies block unauthenticated guest access. These policies help protect your PC from unsafe or malicious devices on the network. "

I'm blocked, is there a work-around ?

Yes, Microsoft also gave a work-around to disable this security (really nice, don't you think?)

Should I use the work-around in my network?

No, but, ... It could be used temporary to get back access to your share and get a little bit more time to enable authentication. Forcing SMBv2 and authentication on all your network shares is the best practice and you should go this way. It'll help you to protect your network against several crypto-lockers or malicious threads.

Want more info?

We can help you!

 

Newsletter