Applying the Microsoft patches MS17-010 should be enough to protect against the EternalBlue Exploit that enabled the rapid spread of the Wanna ransomware attack. Microsoft and others are advising that customers should consider blocking legacy protocols on their networks in particular SMBv1 as an additional defense-in-depth strategy to further protect against attacks.
Dependencies for SMBv1 have been removed for all products. Please update your Sophos products to the versions listed below or newer.
The following sections are covered:
Applies to the following Sophos products and versions
Sophos UTM Sophos XG firewall Sophos Web Appliance
Please read and fully understand the Sophos recommendations and guidelines for Wana Decrypt0r 2.0 Ransomware
SMBv1 dependencies have been removed for:
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.