Now WannaCry / WannaCrypt ransom malware is pervading worldwide. More than 200,000 computers have been attacked in 99 countries in just two days.
Currently, the SMB protocol has three versions, SMBv1, SMBv2, and SMBv3. And SMBv1 has been outdated for nearly 30 years. WannaCry is using the SMBv1 vulnerability, spreading itself against other computers on the network. The target machine does not have to click open any file. So SMBv1 is not suitable for use in this era.
Closing SMBv1
The process of shutting down SMBv1 in Windows 8.1, Windows 10, Windows Server 2012 R2 and Windows Server 2016 is very easy without technical knowledge. It takes less than 5 minutes to complete.
1. Click Start.
2. Type in the search box "turn windows features" and click on "Turn Windows features on or off".
3. The Windows Features window opens, scroll down to find "SMB 1.0 / CIFS File Sharing Support" message. This feature is turned on by default.
4. Make the tick out of the box and press OK.
5. Finally, restart the machine 1 round, it is finished. Only WannaCry malware can not transmit to us.
However, the closure of SMBv1 client side on older operating systems such as Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8 and Windows Server 2012 are some hassles. Because you have to execute commands through the Command Prompt.
1. Open elevated command prompt by right-clicking Command Prompt and then click Run as administrator.
2. Type the command below. Type one line at a time.
- sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
- sc.exe config mrxsmb10 start= disabled
3. Restart the machine.
Finally, we recommend that you update the operating system. Include software. Keep the latest version up to date.