Last updated on April 1st, 2023 at 08:42 pm
With the recent issues with ransomware and the Wannacry attack, you really should now have SMBv1 disabled on your machines.
If you are still working on this or maybe not even started yet, then here we will show you a few examples of what to do to protect yourselves from future SMBv1 vulnerability and ransomware attacks.
If you need to disable SMBv1 on just a few machines, then you may want to use a simple command line to start the services for SMBv1. To do this, run the following commands from an elevated command prompt:
sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi sc.exe config mrxsmb10 start= disabled
So you should see something like this once complete:
You can also make a registry change on a machine to disable the SMBv1 Protocol. To go this, go to the following registry location:
Then you need to add a DWORD with the following settings:
So it should look like this:
Reboot your machine for the changes to take affect.
You can also run a Powershell command to uninstall the SMBv1 feature. To do this, open up a Powershell command box and enter the following command:
Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol
This will then start the uninstall process:
Once complete it will then ask you if you want to reboot your machine or not:
You can use all of the above methods to remove the SMBv1 vulnerbility on larger volumes of machines by using systems like Group Policy or Configuration Manager
If you want to be notified when we post more quality guides like this one, sign up to our free subscription service and you will receive an email when a new post is live.
No need to worry, we will not be filling your inbox with spam and you can unsubscribe anytime you like.