Almost everyone who had even a little familiarity with computers and the Internet heard about Wanacry. The ransomware which wreaked havoc last month and was the reason for a spike in cyber security awareness. Although this “awareness” among common people is expected to dump soon, tech companies are not going to get away with it in a similar way. Wanna cry used NSA’s exploit leaked by Shadow Brokers in a data dump in April. This exploit was based on a vulnerability present in SMBv1. Although Microsoft patched the same in an update released in March most of the users remained unaware of it. After the havoc and the “kill switch” solution, it was advised that the best way is to disable SMB on user systems if they do not need it. Microsoft is doing the work on the users’ behalf by deprecating the old SMBv1 in its next update of Windows. Ned Pyle, the principal program manager for Microsoft’s Windows Server High Availability and Storage division, has also published a blog post this month, enlisting products from other vendors that are still using SMBv1 and begged them to stop using it now. In the meantime, it is advised to disable SMBv1 and use the newer SMBv2 and SMBv3 instead. Microsoft has published a document, which describes registry settings, PowerShell commands as well as group policy settings to disable SMBv1 in your Windows environment manually.
