Disable SMBv1 to protect against ransomware attacks

ransomware

With the recent issues with ransomware and the Wannacry attack, you really should now have SMBv1 disabled on your machines.

If you are still working on this or maybe not even started yet, then here we will slow you a few examples of what to do to protect yourselves from future SMBv1 vulnerability attacks.

Manual Commands

If you need to disable SMBv1 on just a few machines, then you may want to use a simple command line to start the services for SMBv1. To do this, run the following commands from an elevated command prompt:

sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start= disabled

So you should see something like this once complete:

Registry Edit

You can also make a registry change on a machine to disable the SMBv1 Protocol. To go this, go to the following registry location:

HKLMSYSTEMCurrentControlSetServicesLanmanServerParameters

Then you need to add a DWORD with the following settings:

Name: SMB1

Value: 0

So it should look like this:

Reboot your machine for the changes to take affect.

Powershell

You can also run a Powershell command to uninstall the SMBv1 feature. To do this, open up a Powershell command box and enter the following command:

Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol

This will then start the uninstall process:

Once complete it will then ask you if you want to reboot your machine or not:

You can use all of the above methods to remove the SMBv1 vulnerbility on larger volumes of machines by using systems like Group Policy or Configuration Manager

COMMENTS

If you have any questions or feedback on this guide, please feel free to leave us a message below.

Free Subscription!Subscribe to our site to receive updates via email!

Enter your email address below and click the Subscribe button to receive email notifications about new and exciting downloads available through our website at https://www.techygeekshome.com

You will also receive notifications about new technical guides, latest news and MSI installer downloads that are available through our blog here at https://blog.techygeekshome.info 

We will not spam you and we will not pass on any of your details to anyone else. We tend to post new content once or twice a week.

Join 232 other subscribers

You can unsubscribe any time you like.

About A.J. Armstrong

Founder of TechyGeeksHome and Head Editor for over eight years! IT expert in multiple areas for over 20 years. Sharing experience and knowledge whenever possible! Making IT Happen.

View all posts by A.J. Armstrong