How to Protect Your Windows System from EternalBlue (CVE-2017-0144)

Luckyy Vendetta

Administrator
Luckyy
Staff
Luckyy Rep
0
0
0
Rep
0
Luckyy Vouches
1
0
0
Vouches
1
Posts
186
Likes
28
Bits
800,053
4 YEARS
4 YEARS OF SERVICE
LEVEL 4 90 XP

1. Install the MS17-010 Security Patch​


Microsoft released the MS17-010 patch in March 2017. If you're using Windows 7 SP1, you should install update KB4012212 or KB4012215.

Direct download:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4012212

Or use Windows Update:
Control Panel > Windows Update > Check for updates​

2. Disable SMBv1​

SMBv1 is an outdated and insecure protocol. EternalBlue targets it directly, so disabling it is a critical step.

Option A: Using PowerShell
Open PowerShell as Administrator and run:

Code: 
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force

Restart your computer afterward.

Option B: Through Windows Features
  1. Go to Control Panel > Programs and Features
  2. Click "Turn Windows features on or off"
  3. Uncheck "SMB 1.0/CIFS File Sharing Support"
  4. Click OK and restart your PC

3. Block SMB Ports in Windows Firewall​

Block TCP port 445 to prevent SMB traffic from reaching your system.
Steps:
  1. Open Control Panel > Windows Firewall
  2. Click "Advanced settings"
  3. Go to Inbound Rules > New Rule
  4. Select "Port", then choose TCP and enter 445
  5. Choose "Block the connection"
  6. Apply to all profiles and give it a name like "Block SMB"

4. Use Antivirus with Exploit Protection​


Use a reputable antivirus that includes exploit detection. Since Windows 7 doesn’t have Defender ATP, consider:
  • Malwarebytes
  • Bitdefender
  • Kaspersky

5. Disable File and Printer Sharing (If Not Needed)​

Turn off file sharing features to reduce exposure.

Control Panel > Network and Sharing Center > Change advanced sharing settings > Turn off File and Printer Sharing​

Use the “Public” network profile for added security when possible.

6. Upgrade or Isolate Windows 7 Systems​


Windows 7 reached end-of-life in January 2020.

  • Upgrade to Windows 10 or 11 if possible
  • If you must use Windows 7, isolate it from the internet or put it on a restricted network

Summary​

To secure your system from EternalBlue:
  • Install the MS17-010 patch
  • Disable SMBv1
  • Block port 445
  • Keep antivirus updated
  • Limit unnecessary file sharing
  • Upgrade when possible

Stay secure and keep your system up to date.
 
You must log in or register to reply here.

110

512

618

15

T test
Top