Temporary workaround for Windows SMBv2 zero-day
The Windows SMBv2 zero-day vulnerability (disclosed vulnerability with no software fix) appears to be more dangerous than initially thought. The vulnerability does not affect the Release to Manufacturing (RTM) version of Windows 7 or Windows Server 2008 R2, but it does affects Windows Vista and Windows Server 2008. The danger is no longer just a system crash or reboot, it can lead to a full system compromise.
In the absence of a patch, Microsoft released some instructions for disabling SMBv2. For your convenience, I’ve packaged two REG files that you can download that enable and disable SMBv2 in Windows Vista and Windows Server 2008. So until a software patch is available, you need to disable SMBv2 double clicking the disable-SMBv2.reg file and then rebooting. The workaround does not break your ability to serve files, but it does reduce your SMB file serving speeds down to Windows XP and Windows Server 2003 levels which would result in a moderate decrease in performance. When the patch becomes available and you have applied the patch, just run the enable-SMBv2.reg file and reboot.