Microsoft has confirmed that its September 2025 security updates are causing significant connectivity issues for a wide array of Windows users. The problem specifically affects those trying to access shared files and folders using the antiquated Server Message Block (SMB) v1 protocol over the NetBIOS over TCP/IP (NetBT) protocol. This issue is not limited to a few systems; it’s quite widespread, impacting both client operating systems like Windows 11 and Windows 10, as well as server platforms such as Windows Server 2025 and Windows Server 2022. The company has acknowledged the issue in a service alert, noting that the problem arises when the security update is installed on either the SMB client or the SMB server.
To address the issue, Microsoft is actively working on a permanent solution. In the meantime, the company has provided a temporary workaround for affected customers. This solution involves configuring systems to allow traffic on TCP port 445. By doing so, the Windows SMB connection will successfully resume, as it will be forced to switch from using NetBT to the more modern TCP protocol. This temporary fix bypasses the problematic NetBT connection, allowing users to regain access to their shared resources while a full patch is being developed.
The fact that SMBv1 is at the center of this issue highlights a long-standing recommendation from Microsoft to migrate away from this outdated protocol. SMBv1 was superseded by SMBv2 and later protocols back in 2007 and was officially deprecated in 2014. It has not been installed by default on Windows operating systems since the release of Windows 10 version 1709 and Windows Server version 1709. Microsoft has been actively phasing out this 30-year-old file-sharing protocol for years, even beginning to disable it for Windows 11 Home Insiders in 2022. The initial plans for its removal were announced back in 2017, underscoring the company’s push for more secure networking practices.
The security concerns surrounding SMBv1 are a major reason for its deprecation. The protocol lacks the essential security features found in its newer counterparts, which include pre-authentication integrity checks to prevent man-in-the-middle attacks, protection against security downgrade attacks, and a mechanism to block insecure guest authentication. Microsoft has consistently warned network administrators to remove SMBv1 from their networks due to these vulnerabilities. The push to remove it gained significant urgency after the 2017 leak of several NSA exploits, which were specifically designed to exploit weaknesses in the SMBv1 protocol to execute commands with administrative privileges on vulnerable systems.
These exploits, particularly EternalBlue and EternalRomance, were later weaponized by notorious malware strains such as WannaCry, NotPetya, and Emotet. These attacks leveraged the vulnerabilities of SMBv1 to carry out destructive campaigns and engage in credential theft, causing widespread damage and financial loss. The current connectivity issues caused by the September 2025 update serve as a stark reminder of the risks associated with using this outdated protocol. While Microsoft works on a fix for this specific problem, the best long-term solution remains the complete removal of SMBv1 from all networks to prevent future security and connectivity issues.
Reference:
