How to protect Samba from the SambaCry exploit

You’ve already heard of WannaCry, a ransomware attack that can lock down data on Windows machines. This particular exploit comes by way of an SMB vulnerability. Naturally, if you use Linux you know about Samba; but did you also know that, according to CVE-2017-7494:

All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.