Server Message Block (SMB) is a foundational service that has been used for many years. This internet standard protocol enables Windows to share files, printers and serial ports. SMB is used over the internet on top of the TCP/IP protocol.
SMB v1 has been in use since Windows 95, and in 2019, it’s still often found and abused in networks. If you have SMB v1 enabled in your network, it can be used in blended attacks that might include ransomware and other malware. In a 2016 blog post, Ned Pyle lists the protections you lose when using SMB v1:
As Pyle points out, “The nasty bit is that no matter how you secure all these things, if your clients use SMB1, then a man-in-the-middle can tell your client to ignore all the above. “