https://www.techpowerup.com/232770/n...ed-in-the-wild

The "DoublePulsar" exploit exposed recently as part of the leaked NSA-derived hacking toolkit posted online, is set to become one of the more significant issues related to the leak. Not because it is unpatched, because it has been patched for roughly a month, but rather because according to a threatpost.com report, few users are as up to date as they should be.
The exploit is described as "Zero-Day" in nature, and if that sounds serious, it's because that's exactly what we are dealing with. The exploit uses a bug in the Windows Server Message Block (SMB) stack, the protocol Windows uses to share files with PCs on the local network. The issue is so severe, it allows an unauthenticated attacker with access to the SMB port complete root-level control over your PC. Basically, if they can touch your SMB port, it doesn't matter what antivirus you are running, it's "game over dude." Worse yet, the report indicates the exploit is already in use "internet-wide."

One way to defend against this is using a decent hardware or even software firewall and blocking SMB access (Windows does not do this by default, for functionality reasons). SMB utilizes port TCP 445, if you want to go this route. But honestly, the best thing to do is just ensure you are up to date. Microsoft has had a patch out for this for over a month: Use it. Windows Update can get you there, or you can simply download it here.

If nothing else, this is a reminder of the dangers of running an unpatched Windows system (Windows XP gets no fix for this, as an example). Please keep your system up to date, or if unable or unwilling, stay on top of the latest exploit news to at least know what you are up against and have your firewall and antivirus ready.