Fixing Windows SMB2 Exploit

As ComputerWorld reports, Server Message Block 2 (SMB2), a service that allows file and print sharing on Windows, may not only be vulnerable to BSOD attacks but possibly hijacking.

Microsoft is working on a patch but has released a Fit-It Tool for those who don't want to get their hands dirty. I for one like to know what's happening underneath so for those more technically inclined, here's a more expanded solution:

To ensure that you even need to disable the Service, open a CMD prompt and type the following:

sc query mrxsmb20

If the status is Running, here is the solution:

sc config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc config mrxsmb20 start= disabled

Once Microsoft has fixed the problem, this will enable it:

sc config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi
sc config mrxsmb20 start= auto

Check out Petri for a more complete rundown and a Server 2008 solution.
Next PostNewer Post Previous PostOlder Post Home