Windows 11 to let admins mandate SMB encryption for outbound connections

Windows 11 will let admins mandate SMB client encryption for all outbound connections, starting with today's Windows 11 Insider Preview Build 25982 rolling out to Insiders in the Canary Channel. SMB encryption provides data end-to-end encryption and can be enabled on a per-share basis for the entire file server or when mapping drives using Windows Admin Center, Windows PowerShell, or UNC Hardening. This capability was first included with SMB 3.0 on Windows 8 and Windows Server 2012, and it introduced support for AES-256-GCM cryptographic suites with Windows 11 and Windows Server 2022. By requiring that all destination servers support SMB 3.x and encryption, Windows admins can ensure that the clients can only establish a connection if these conditions are met to defend against eavesdropping and interception attacks. "You can now also configure the SMB client to always require encryption, no matter what the server, share, UNC hardening, or a mapped drive requires," said Microsoft Principal Program Manager Ned Pyle. "This means an administrator can globally force a Windows machine to use SMB encryption - and therefore SMB 3.x - on all connections and refuse to connect if the SMB server does not support either." The new option can be configured using PowerShell or the 'Require encryption' group policy under Computer Configuration Administrative Templates Network Lanman Workstation. Starting with Windows 11 Insider Preview Build 25951, admins can configure Windows systems to automatically block sending NTLM data over SMB on remote outbound connections to fend off pass-the-hash, NTLM relay, or password-cracking attacks. When toggled on, it prevents the user's hashed password from being sent to remote servers, effectively thwarting these attacks. With the release of Windows 11 Insider Preview Build 25381 to the Canary Channel, Microsoft also began requiring SMB signing by default for all connections to defend against NTLM relay attacks. SMB signing, introduced in Windows 98 and 2000, has been updated in Windows 11 and Windows Server 2022 to enhance protection and performance by significantly increasing data encryption speeds. "SMB encryption has performance overhead and compatibility overhead, and you should balance that against SMB signing - which has better performance and tamper protection but no snooping protection - or against no use of encryption or signing at all, which has best performance but no security," Pyle said. "SMB encryption supersedes SMB signing and supplies the same level of tamper protection, meaning that if your SMC client requires signing, SMB encryption turns it off; there is no point requiring both because encryption wins." These improvements are part of a broader effort to bolster the security of Windows and Windows Server, as underscored by earlier announcements from last year. In April 2022, Microsoft marked a milestone by revealing the final phase of disabling the decades-old SMB1 file-sharing protocol for Windows 11 Home Insiders. Building on this progress, the company also strengthened defenses against brute-force attacks by introducing an SMB authentication rate limiter, which mitigates the impact of unsuccessful inbound NTLM authentication attempts. Microsoft Paint finally gets support for layers and transparency. Windows 11 Snipping Tool gets OCR support to copy text from images. New Windows 11 feature blocks NTLM-based attacks over SMB. Microsoft plans to kill off NTLM authentication in Windows 11.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Windows 11 to let admins mandate SMB encryption for outbound connections

Windows 11 to let admins mandate SMB encryption for outbound connections - Windows 11 will let admins mandate SMB client encryption for all outbound connections, starting with today's Windows 11 Insider Preview Build 25982 rolling out to Insiders in the Canary Channel. SMB encryption provides data end-to-end encryption and ...
1 year ago Bleepingcomputer.com
Strong Encryption Explained: 6 Encryption Best Practices - Strong encryption protects data securely from unauthorized access, but the specific algorithms that qualify as strong encryption change over time as computing power increases and researchers develop new ways to break encryption. Even the strongest ...
11 months ago Esecurityplanet.com
Microsoft drops SMB1 firewall rules in new Windows 11 build - Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build. Before this change and since Windows XP SP2, creating SMB shares set up firewall ...
1 year ago Bleepingcomputer.com
What Is Encryption? Definition, How it Works, & Examples - To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security. Symmetric encryption will typically be ...
1 year ago Esecurityplanet.com
Types of Encryption, Methods & Use Cases - Encryption category types will explain the overarching and basic categories of classification for encryption, including the two most important: symmetric and asymmetric encryption. Encryption tool types will discuss the major classifications of ...
1 year ago Esecurityplanet.com
Business Data Encryption: Protecting Sensitive Information - In addition to implementing encryption technologies and policies, organizations should prioritize employee training on data encryption. By selecting the appropriate encryption technologies, implementing strong encryption policies, and training ...
10 months ago Securityzap.com
Symmetric vs. Asymmetric Encryption in the Cloud: Choosing the Right Approach - Asymmetric and symmetric encryptions are the modes of encryption typically used in cryptography. There is a single key involved with symmetric encryption used both for encryption and decryption. Symmetric and asymmetric encryption as ways of ...
5 months ago Cybersecurity-insiders.com
Encrypting Data Using Asymmetric Encryption - Asymmetric encryption, commonly known as public-key encryption, is an important technique for safeguarding data transport and storage. Asymmetric encryption's multi-step process involving key generation, encryption, transmission, decryption, and key ...
11 months ago Feeds.dzone.com
The 6 Best Encryption Software - Though encryption could still be broken or cracked, strong encryption is nearly impenetrable. Top encryption software: Comparison table Top encryption software BitLocker: Best for Windows environments. It's an excellent choice for encryption software ...
7 months ago Techrepublic.com
An overview of storage encryption for enterprises - Storage encryption is a key element in keeping enterprise data safe. Most enterprises use a combination of encryption methods to protect their data on premises, in motion and in the cloud, so it's important to understand the different types and best ...
7 months ago Techtarget.com
Microsoft tests Windows 11 encrypted DNS server auto-discovery - Microsoft is testing support for the Discovery of Network-designated Resolvers internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. Without DNR support, users must manually enter the info ...
1 year ago Bleepingcomputer.com
How secure is the "Password Protection" on your files and drives? - People in certain professions, such as healthcare, law, and corporations, often rely on password protection when sending files via email, believing it provides adequate security against prying eyes. Protecting files with passwords without encrypting ...
7 months ago Helpnetsecurity.com
Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
10 months ago Bleepingcomputer.com
The US Needs To Follow Germany's Attack-Detection Mandate - To effectively combat these threats, the US needs to adopt a comprehensive and proactive approach to cybersecurity, similar to the one taken by Germany with its IT-SiG 2.0 mandate. The IT-SiG Approach Compared With the US's Current Capabilities One ...
1 year ago Darkreading.com
Internet Security: Ensuring Safe Online Experiences - Cybercriminals are constantly evolving their tactics, from sophisticated cyber attacks to insidious data breaches, putting your virtual safety at risk. Protecting your data isn't the only concern; safeguarding your identity, finances, and peace of ...
9 months ago Securityzap.com
JumpCloud's Q1 2024 SME IT Trends Report Reveals AI Optimism Tempered by Security Concerns - The report provides updated survey results and new findings to the company's biannual SME IT Trends Report, which was first released in June 2021. The latest edition of the report delves into the impact of artificial intelligence on identity ...
10 months ago Darkreading.com
Microsoft starts testing new Windows 11 Energy Saver feature - Microsoft has started testing a new Windows 11 Energy Saver feature that helps customers extend their portable computers' battery life. This new feature is currently available to Insiders in the Canary Channel who have installed Windows 11 Insider ...
1 year ago Bleepingcomputer.com
Windows 11 Notepad gets a built-in character counter, finally - Microsoft keeps improving and adding more features to the Windows 11 Notepad application, the latest being a built-in character counter. Until now, users who needed a quick way to count characters in a text file have been forced to use third-party ...
1 year ago Bleepingcomputer.com
Flipper Zero can now spam Android, Windows users with Bluetooth alerts - A custom Flipper Zero firmware called 'Xtreme' has added a new feature to perform Bluetooth spam attacks on Android and Windows devices. A security researcher previously demonstrated the technique against Apple iOS devices, inspiring others to ...
1 year ago Bleepingcomputer.com
Sensitive data loss is due to lack of encryption - In an era where data is the lifeblood of businesses, safeguarding sensitive information has become paramount. Cybersecurity lapses have historically been a cause of data breaches, but a recent study sheds light on a new dimension of vulnerability - ...
1 year ago Cybersecurity-insiders.com
GitHub Wants All Users to Enable 2FA Before the End of 2023 - GitHub, the omnipresent nexus for developers and their code, has embarked on a decisive initiative aimed at fortifying the security of the software supply chain. In a groundbreaking announcement, the platform has set forth a mandate for two-factor ...
11 months ago Cybersecuritynews.com
Windows 10 Extended Security Updates Promised for Small Businesses and Home Users - Already common for enterprises, for the first time, individuals will also get the option to pay for extended security updates for a Windows operating system that's out of support. Windows 10 will stop getting free updates, including security fixes, ...
1 year ago Techrepublic.com
A Comprehensive Overview of Encryption as a Service - Encryption as a Service (EaaS) is a way for companies to protect their sensitive data, both at rest and in transit. It is a subscription model that allows customers to outsource the complexity of data encryption to a team of experts. Encryption is ...
1 year ago Heimdalsecurity.com
Why BYOD Is the Favored Ransomware Backdoor - These devices exist outside of direct corporate management and provide a ransomware gang with unchecked platforms for encrypting data. Microsoft's fourth annual Digital Defense Report for 2023 reveals that 80% of all ransomware compromises come from ...
11 months ago Esecurityplanet.com
CVE-2016-9463 - Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)