We now know that the ransomware spread due to an exploit in the Windows Server Messaging Block (SMB) protocol version 1. This is an outdated version of SMB, used to share files and printers among networked computers, that Windows still supports for backwards compatibility. Microsoft patched this issue in March, but affected computers were still vulnerable to attack if they were running the archaic Windows XP or hadn’t applied latest updates in Windows 7 for months. Surprisingly 90% of the affected computers were running Windows 7 in an enterprise environment and not patched due to slow update policies adopted.
On your own system, you can disable SMB 1.0 in just few clicks. As most of us home users don’t need that old and insecure version of this protocol, we can shut it off without any loss of functionality.
Steps are very simple to follow. Open Control Panel, then click on Programs in Category View followed by Programs & Features. Once in that Menu, Click on “Turn Windows Features On or Off”
Deselect the SMB1.0/CIFS File Sharing Support as shown above and apply Ok. It would go through the process and on completion ask to restart the system and that’s it.