Microsoft said that denying permissions to the “‘sp_replwritetovarbin” extended stored procedure would protect vulnerable systems, and provided instructions on how to do that in the advisory.