these were met with success messeges in the power shell to let me know I entered them right . but is there any way to make sure I now have the machines smb actually disabled thus disabling the recent exploit?
The exploit requires you to not be patched. Patch and you don't have to cripple your system, you should have done this in march when the patch was released so you shouldn't need to worry at all.
Unless your not patching at all? I'm which case this is just one of your problems.
The exploit also has no bearing on the payload. The computers can still individually be hit by the ransomeware.
The patch doesn't work on any of these machines so next best thing is to disable smb , from what I can see none of these machines need any of the smb functions.
But this is another case of someone who doesn't know what they're doing. Keep your systems updates through windows update. You're only putting your computers and data at risk. You already had those systems vulnerable for months, haven't patched them properly, and you haven't even thought about the other vulnerabilities.
Yes, but it's not only that. If your not updating your system then you have to be on top of preventing exploits. In this case these systems have been unnecessary vulnerable for months because of some unjustified (as far as I can tell) reason for not having updates turned on.
You can't turn off critical updates and just go about your way. Do you know how many vulnerabilities Microsoft patched? Why are you just mitigating one of them over 2 months later? Would you have ever done it if it wasn't widespread in the news? This was in the news over 2 months the ago so what did you miss and what else have you missed?
This is a symptom of a larger problem not being addressed as far as I can see. And the solution is simple. Turn on updates.