Windows Server 2022 must not the Server Message Block (SMB) v1 protocol installed.

An XCCDF Rule

Description

SMBv1 is a legacy protocol that uses the MD5 algorithm as part of SMB. MD5 is known to be vulnerable to a number of attacks such as collision and preimage attacks and is not FIPS compliant.

ID: SV-254275r958478_rule
Version: WN22-00-000380
Severity: Medium
References: CCI-000381
Updated: 6 days ago

Remediation Templates

Uninstall the SMBv1 protocol.

Open "Windows PowerShell" with elevated privileges (run as administrator).

Enter "Uninstall-WindowsFeature -Name FS-SMB1 -Restart".
(Omit the Restart parameter if an immediate restart of the system cannot be done.)
Alternately:

Start "Server Manager".

Select the server with the feature.

Scroll down to "ROLES AND FEATURES" in the right pane.

Select "Remove Roles and Features" from the drop-down "TASKS" list.

Select the appropriate server on the "Server Selection" page and click "Next".

Deselect "SMB 1.0/CIFS File Sharing Support" on the "Features" page.

Click "Next" and "Remove" as prompted.

Windows Server 2022 must not the Server Message Block (SMB) v1 protocol installed.

Description

Remediation Templates

A Manual Procedure