The WannaCry/WannaCrypt Ransomware attack successfully compromised tons of systems already by using the classic e-mail attachment vector and the 2nd vector is to use the vulnerable SMB protocol to attack machines in internal networks to infect them as well.
To fix the SMB issue Microsoft already released an update in march 2017, security bulletin MS17-010.
Description:
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Windows SMBv1 server.
Microsoft now also released an update for Windows XP and Windows Server 2003 (KB4012598) to fix the issue. Automatic Updates should find and install the updates or you can find them in the Microsoft Update Catalog. Microsoft has some more information about this issue on the MSRC team blog.
Available Patches:
- Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB4013198)
- Cumulative Update for Windows 10 Version 1607 (KB4013429)
- Cumulative Update for Windows Server 2016 for x64-based Systems (KB4013429)
- March, 2017 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB4012213)
- March, 2017 Security Only Quality Update for Windows Server 2012 R2 (KB4012213)
- March, 2017 Security Only Quality Update for Windows Server 2012 (KB4012214)
- March, 2017 Security Only Quality Update for Windows 7 for x64-based Systems (KB4012212)
- March, 2017 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4012212)
- Security Update for Windows Server 2008 for x64-based Systems (KB4012598)
- Security Update for Windows XP SP3 x86 (KB4012598)
- Security Update for Windows Server 2003 x86 (KB4012598)
- Security Update for Windows Server 2003 for x64-based Systems (KB4012598)