Microsoft Principal Program Manager Ned Pyle has issued a warning to those running the Release Preview version of Windows 11 24H2, stating the OS could brick your NAS devices for failing to identify its credentials.
Newly introduced tightened security measures could affect some third-party NAS devices and USB drives plugged into certain routers.
As part of the update, Windows 11 will now require SMB signing by default on all connections, which poses a problem to incompatible or poorly set-up devices.
Windows 11 24H2 NAS safety measures
In a post, Pyle explained that the guest fallback feature, which allowed users to connect to an SMB server without a username or password, posed a severe security risk: “it means that your device can be tricked into connecting to a malicious server without prompting for credentials, then given ransomware or having your data stolen.” It has been disabled on Windows 11 Pro edition.
While SMB signing has been available in Windows for decades, its mandatory implementation is new. Pyle added: “Both changes will make billions of devices – not just Windows, but everything running SMB that wants to talk to Windows – more secure.”
However, Microsoft realizes that the changes could see some users encounter issues when upgrading to Windows 11 24H2, as the system won’t be able to differentiate between a malicious server and a genuine NAS device.
Users experience access issues may see various error messages, ranging from standard security notifications to obscure system errors.
Pyle urges NAS users to ensure that SMB signing is enabled, to disable guest access, to enable username and password protection and to apply firmware upgrades in order to circumvent the new restrictions.
A new inbox, wontsignsmb@microsoft.com, has also been set up for consumers to share details of NAS devices that don’t support SMB signing in order to pressure vendors for updates.
More from TechRadar Pro
https://cdn.mos.cms.futurecdn.net/s9bJiTAB353dLSsWvLNK4d-1200-80.png
Source link