Microsoft released the Windows 11 Canary core version in early June, of which the Enterprise Edition 25381 now requires server message blocks for all connections by default.
In a blog post, Microsoft principal program manager Ned Pyle explained the reason for the move, revealing that the change will come to more versions of Windows alongside Windows Server.
While Windows and Windows Server editions have supported SMB signing for a long time, Microsoft has made a number of recent moves to make it an important part of Windows security.
In March 2022, Microsoft added an SMB authentication rate limiter to the preview release, which sets a 2-second timeout limit on each failed NTLM authentication attempt. In theory, this would make it harder for hackers to attempt to log in multiple times.
In January 2023, Microsoft said that Windows 11 Pro will soon begin disabling the insecure SMB guest authentication fallback. Today, Ned Pyle said the new move to make SMB signing the default is “part of a campaign to improve Windows and Windows Server security for the modern environment.”
Ned Pyle added:
"Expect this signature default change to appear in Professional, Education, and other Windows editions, as well as Windows Server over the next few months. Depending on how the preview progresses, it will start appearing in major releases."Also, according to Pyle, future versions of Windows will not end SMB functionality either:
"We'll continue to roll out more secure SMB defaults and many new SMB security options over the next few years; I know they can impact application compatibility, and Windows has a tradition of ensuring ease of use, but security can't be left alone room."
