The US-CERT issued a security advisory to warn of a zero-day memory corruption vulnerability in the SMB (Server Message Block) protocol that can be exploited by a remote attacker. The flaw resides in the way the Windows OS handles the Server Message Block traffic, the vulnerability could be remotely exploited by an unauthenticated attacker. A possible workaround consists in blocking outbound SMB connections (TCP ports 139 and 445 along with UDP ports 137 and 138) from the local network to the WAN.”]
Source: http://securityaffairs.co/wordpress/55950/hacking/windows-smb-zero-day.html