my 2c: samba is not vulnerable to wannacry ramsonware if you keep it updated…
disabling such features won’t help you, 'cause if a client get the virus and the logged user has write access to samba shares, nothing can help you.
OTOH, disabling such a feature could have some unexpected and undesired effects on your clients and productivity.
the only way to defend yourself is:
- keep all the machines uptodated (both server and clients)
- have a good AV on server (for mail filtering) and on client too
- have a good backup
- work on your users’ net awareness… the best AV is the one between 2 ears