How to Disable SMB on Windows Machines to prevent WannaCry Ransomware
In light to the recent cyber attack of ransomware which goes by the name “WannaCry” has affected more over 99 countries. This attack is believed to use the exploit tool called “ETERNALBLUE” which was leaked from the NSA, by the hacker group called ShadowBrokers. This tool exploits the vulnerability in the SMB service of the machine to spread and propagate. This document will provide you with the steps that a reader can take to disable the SMB service. By disabling the service the propagation of the virus will stop from spreading.
Please note: Before proceeding further it is strongly advised to take a backup of the machine because you will in some case might require to change the Windows Registry. If the steps are not carefully followed it might even crash the machine.
For Windows 10/8/7
Windows 10 users can disable the SMB feature by following these simple steps:
- Click on the Search option and search for “Windows Features” and you will see the result as “Turn Windows Feature on and off.”
- Upon clicking the option, the following screen will be prompted