From what I understood is the implementation of windows having problems … then resolved with the patch of March
i’ll do some other search… but some sources talks also of possible problem with smbv2
I ’ve seen conflicting reports about the exploit. Is it targeting SMBv1 or SMBv2?
The vulnerability exploited by the EternalBlue tool lies in the SMBv1 implementation. However, to exploit it, the tool also uses SMBv2. This means that it uses both SMBv1 and SMBv2 packets during the attack. Disabling SMBv1 or SMBv2 prevents the infection; however, while disabling SMBv1 (an old protocol) has no significant impact on modern systems, disabling SMBv2 can cause problems. This is why it is highly recommended to disable SMBv1 for the current attack and for the future.