Identify Computers with SMBv1 Enabled

SMBv1 was deprecated by Microsoft in 2014. PDQ Inventory can be used to track computers in your environment with SMBv1 still enabled. 

Individual Machines - Computer Info

To check if a specific machine has SMBv1 enabled, you can view this information under the Computer Details section in PDQ Inventory:

ComputerInfo.png

All Computers - Dynamic Collection

You can create a Dynamic Collection or Report to check all of your machines for SMBv1: 

1. Click on New Dynamic Collection in the PDQ Inventory Toolbar (or Ctrl + N or click on Collection in the menu and select New Dynamic Collection).

2. Create your Dynamic Collection using the filters below: 

DynamicCollection.png
3. Additionally, you can convert this into a report by right-clicking the Dynamic Collection you created and select New > Report From Collection. This will allow you to add other fields to the report (OS, architecture, for example) that provide more detailed information.

See Also:
Knowledge Base Article: WannaCrypt And Friends: Identify And Mitigate Vulnerabilities
Video: WannaCrypt Ransomware Attack Patch / Update
Blog Article: WannaCrypt Ransomware Attack Patch
Microsoft's Article on Disabling SMBv1

Was this article helpful?
Still have a question or want to share what you have learned? Visit our Community Discord to get help and collaborate with others.