Microsoft has acknowledged that the September 2025 Windows security updates have led to connection troubles with the legacy Server Message Block (SMB) v1 protocol specifically when it is utilized over NetBIOS over TCP/IP (NetBT). Impacted substrates encompass a range of Windows platforms including Windows 11 (versions 24H2, 23H2, 22H2), Windows 10 (versions 22H2, 21H2), as well as Windows Server 2025 and Windows Server 2022.
The company issued a caution: "Post installation of the September 2025 security update for Windows or later versions, attempts to connect to shared files and folders via the Server Message Block (SMB) v1 protocol on NetBIOS over TCP/IP (NetBT) may be unsuccessful." This problem can manifest if either the SMB client or server contains the latest security update.
Temporary Solution Available
In response to this disruption, Microsoft is actively working on a permanent fix. Meanwhile, they propose a temporary workaround for affected users: enabling traffic on TCP port 445. This adjustment facilitates the switch from NetBT to SMB over TCP, thereby restoring successful connectivity.
SMBv1, a protocol that first entered the scene in the 1980s, was effectively replaced by SMBv2 in 2007 and deprecated in 2014. Microsoft has consistently advocated for its removal due to a plethora of security deficiencies. The protocol's lack of features such as pre-authentication integrity checks and protections against downgrade attacks renders it vulnerable. These vulnerabilities have been exploited historically by sophisticated exploits such as EternalBlue and EternalRomance, often utilized in malware seen in credential theft and destructive attacks.
As part of best security practices, administrators are urged to disable the SMBv1 protocol and transition to more secure versions not just to alleviate the current compatibility issue, but also to fortify defenses against potential cybersecurity threats.
Comments (0)