My analysis of the advisory:
This vulnerability is “Wormable” in the sense that an infected host can be used to further infect other hosts on its network segment. This is because both the SMBv3 Server and Client components are vulnerable. An attacker can use a SMBv3 Client to infect a SMBv3 Server and then use the SMBv3 Server to infect SMBv3 Clients.
Due to KASLR (Kernel Address Space Layout Randomization) this vulnerability cannot be used by itself to infect systems; it will have to be chained with another zero-day vulnerability for it to be useful to attackers.
Vulnerable Windows Versions:
Windows Server, Version 1903
Windows Server, Version 1909
Windows 10, Version 1903
Windows 10, Version 1909
All Windows machines function as both SMBv3 Servers and SMBv3 Clients.
This remediation disables SMBv3 Compression which will make SMBv3 Server components not vulnerable and thus prevent the vulnerability from being “wormable”.
That being said, SMBv3 Clients will remain vulnerable after applying the remediation.
There is no way to disable only SMBv3 on a Windows 10 system, you must disable SMBv2 and SMBv3 – with Windows no longer shipping with SMBv1 enabled, disabling SMBv2 and SMBv3 will result in systems without any SMB connectivity.
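The following PowerShell script is an added example, not part of the original post. It audits a host against the three points above: whether the OS build is one of the listed releases (the release IDs 1903 and 1909 correspond to OS builds 18362 and 18363), whether the SMBv3 compression workaround is in place (it reads the DisableCompression DWORD under the LanmanServer Parameters key, the registry value Microsoft's published workaround sets), and what the SMB2/SMB3 server protocol setting currently is. It only reports unless run with -Apply, and it never touches the SMB2 protocol switch, since the post explains that turning it off removes all SMB connectivity. It assumes an elevated session on a Windows 10 or Windows Server build that ships the SmbShare module.

```powershell
# Added example (not from the original post): audit, and optionally apply,
# the SMBv3 compression workaround. Assumes an elevated PowerShell session.
param(
    [switch]$Apply   # without -Apply nothing is changed; the script only reports
)

# Registry value used by Microsoft's published workaround (server side only).
$RegPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$RegName = 'DisableCompression'

# Release IDs named in the post, keyed by OS build number.
$VulnerableBuilds = @{
    18362 = '1903'
    18363 = '1909'
}

function Get-OsBuild {
    # CurrentBuildNumber is a string in the registry; cast it to an integer.
    $ver = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    return [int]$ver.CurrentBuildNumber
}

function Test-VulnerableBuild {
    $build = Get-OsBuild
    if ($VulnerableBuilds.ContainsKey($build)) {
        return "Build $build (version $($VulnerableBuilds[$build])) is in the affected list"
    }
    return "Build $build is not in the affected list"
}

function Get-CompressionWorkaroundState {
    # Missing value or any value other than 1 means compression is still enabled.
    $item = Get-ItemProperty -Path $RegPath -Name $RegName -ErrorAction SilentlyContinue
    if ($null -ne $item -and $item.$RegName -eq 1) { return 'Applied' }
    return 'NotApplied'
}

function Set-CompressionWorkaround {
    # DWORD 1 disables SMBv3 compression on the server component.
    Set-ItemProperty -Path $RegPath -Name $RegName -Type DWORD -Value 1 -Force
}

function Get-SmbProtocolState {
    # EnableSMB2Protocol governs SMBv2 and SMBv3 together, which is why the
    # post says SMBv3 cannot be disabled on its own.
    $cfg = Get-SmbServerConfiguration
    return [pscustomobject]@{
        SMB1Enabled     = $cfg.EnableSMB1Protocol
        SMB2and3Enabled = $cfg.EnableSMB2Protocol
    }
}

# Report current state.
Write-Output (Test-VulnerableBuild)
Write-Output "SMBv3 compression workaround: $(Get-CompressionWorkaroundState)"
Get-SmbProtocolState | Format-List

# Apply the workaround only when explicitly requested.
if ($Apply -and (Get-CompressionWorkaroundState) -eq 'NotApplied') {
    Set-CompressionWorkaround
    Write-Output "Workaround applied; state is now: $(Get-CompressionWorkaroundState)"
}
```

Run it once without -Apply to see where a host stands, then with -Apply to set the value. The "Applied" result covers only the server component; as the post notes, client-side exposure remains until the update is installed.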