Suggest an Idea...

Remove UTM SSO reliance on insecure SMB 1.0

We disabled SMB 1.0 on our domain for security reasons, and the UTM SSO stopped working.

Apparently the UTM relies on SMB 1.0 and plain text for SSO!

This needs fixing ASAP and support for SMB 2+ enabling.

101 votes

Ian shared this idea · February 22, 2017 · Flag idea as inappropriate… · Admin →

Completed · April 06, 2018

Show previous admin responses (1)

13 comments

An error occurred while saving the comment

Ethan commented · December 01, 2017 18:33 · Flag as inappropriate

When will the "next" maintenance release of UTM 9 with this added get released?

Submitting...
Tony commented · November 21, 2017 11:46 · Flag as inappropriate

There have now been multiple releases since June 30th, yet this doesn't seem to have been finished?

Submitting...
Ed commented · August 01, 2017 18:02 · Flag as inappropriate

There's a new SMBv1 exploit now. *sigh*

Submitting...
Neil Williams commented · July 18, 2017 08:11 · Flag as inappropriate

Do you have an ETA on this fix?

Submitting...
Chris Doig commented · June 20, 2017 15:32 · Flag as inappropriate

This is going to be problematic...
https://threatpost.com/say-goodbye-to-smbv1-in-windows-fall-creators-update/126387/

Submitting...
Chris Pavey commented · May 19, 2017 11:03 · Flag as inappropriate

It's unacceptable that our security appliance still uses SMBv1.

Submitting...
CakeWalker commented · May 18, 2017 16:48 · Flag as inappropriate

Yes, Fix please

Submitting...
Anonymous commented · May 17, 2017 02:28 · Flag as inappropriate

just discovered this after disablilng SMB1 due to the Wannacry outbreak. Come on Sophos. There is SMB v2 and SMB v3 that you can configure support for!

Submitting...
Fuq'inPissd commented · May 16, 2017 19:04 · Flag as inappropriate

No wonder why the NHS got hacked using Sophos Firewall's. Cant believe our company went with these posers.

Submitting...
sbardosi commented · May 16, 2017 15:41 · Flag as inappropriate

Holy cow! This needs an immediate Fix!!!

Submitting...
Christian commented · May 16, 2017 04:58 · Flag as inappropriate

Incredible that SMBv1 is still in use, even more so from a company that sells security appliances!

Submitting...
Jason Walker commented · May 16, 2017 02:14 · Flag as inappropriate

Seriously, this needs fixed.

Submitting...
John Paul commented · May 15, 2017 19:53 · Flag as inappropriate

Defiantly !

Submitting...

Sign in with:

Signed in as (Sign out)

Signed in as (Sign out)

SG UTM: UTM Endpoint Protection

Searching…

No results.
Clear search results

Give feedback
- Cloud Optix 959 ideas
- Data Protection 124 ideas
- Endpoint Protection 1,316 ideas
- Firewall Management in Central 37 ideas
- Phish Threat 206 ideas
- Secure Web Gateway 372 ideas
- SG UTM 3,748 ideas
- Sophos Central 3,131 ideas
- Sophos Mobile 554 ideas
- XG Firewall 1,937 ideas
Sophos Features & Ideas Laboratory