Re: "the SMB server bug is the result of a buffer overflow in Microsoft's code. "
"Yes, and patched automatically in all supported versions before this happened. "
I would be surprised if MS is actually fixing bugs in SMBv1. Windows 7+ and Windows 2008+ support SMBv1, but default to SMBv2. So they don't use the protocol unless the remote forces them to downgrade. The 'fix' that has been around for a while is registry setting to turn off the SMBv1 protocol. Just like we did for SSLv3 (and now the lower TLS versions). Anyone who has done PCI scans has seen this working through the system for a while.