Preventing SMB traffic from lateral connections and entering or leaving ...
For consumer or highly isolated, managed computers that do not require SMB at all, you can disable the Server or Workstation services. You can do this manually by using the “Services” snap-in (Services.msc) and the PowerShell Set-Service cmdlet, or by using Group Policy Preferences.
Support for Audit Events to deploy SMB Server Hardening—SMB Server ...
Customers must either configure SMB Server to require SMB Server signing or enable SMB Server EPA to harden their systems against this class of attack.
Security guidance for NTLMv1 and LM network authentication
To have us fix this problem for you, go to the "Fix it for me" section. To reduce the risk of this issue, we recommend that you configure environments that run Windows NT 4, Windows 2000, Windows XP, and Windows Server 2003 to allow the use of NTLMv2 only.
Shared folder in Windows Server 2012 R2 or Windows 8.1 cannot be ...
Fixes an issue that occurs when you access shared folders in Windows 2012 R2, Windows 8.1, or Windows RT 8.1 by using SMB version 1 protocol from Windows Server 2003 R2 or Windows XP.
Security update for the Windows SMB Information Disclosure ...
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploits this vulnerability could craft a special packet.
KB5005413: Mitigating NTLM Relay Attacks on Active Directory ...
In addition to the primary mitigations, we recommend you disable NTLM authentication where possible. The following mitigations are listed in order from more secure to less secure:
MS09-050: Vulnerabilities in SMB could allow remote code execution
To view the complete security bulletin, visit one of the following Microsoft Web sites: To fix this problem automatically, click the Fix this problem link that is related to disabling or enabling the bulletin. Then, click Run in the File Download dialog box and follow the steps in this wizard. Note This wizard may be in English only.
MS16-114: Security update for Windows SMBv1 Server: September 13, 2016
Resolves a vulnerability in Windows that could allow remote code execution if an authenticated attacker sends specially crafted packets to an affected Microsoft Server Message Block 1.0 (SMBv1) Server.
MS17-010: Security update for Windows SMB Server: March 14, 2017
Resolves a vulnerability in Windows that could allow remote code execution if an attacker sends specially crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server.
How to disable DCOM support in Windows
Explains how to turn off the Distributed Component Object Model (DCOM) protocol in Windows XP.