PSA: install security update from Microsoft to prevent WannaCry ransomware from exploiting a flaw in SMB
Posted 5/15/17


It's important to realize that you don't have to do a thing in order to get infected. If you're running Windows and haven't installed MS17-010 and your machine can be accessed through port 445, you're a sitting duck.


http://www.infoworld.com/article/3191897/microsoft-windows/more-shadow-brokers-fallout-doublepulsar-zero-day-infects-scores-of-windows-pcs.html


if you haven't already, download and install the security update from Microsoft. you can choose to install the security patch only - just look for your OS version and click on the link on the left side. you will have to restart your computer, so make sure you save any work / files before you apply the security patch

also, be sure to always have a backup or two of all your important files

also, if you're like me and avoid windows update, this is one update you don't want to skip on
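Added example, not part of the original post: a Python check for the two conditions the post above names (MS17-010 missing, and the machine reachable on port 445), run against machines you administer. The inventory keys, machine names and status strings are assumptions made for illustration, and patch status is read from your own records rather than probed.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

SMB_PORT = 445  # the port named in the post


def tcp_reachable(address, port=SMB_PORT, timeout=1.0):
    """True if a TCP connection to address:port completes from this vantage point."""
    try:
        with socket.create_connection((address, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout), unreachable, bad name
        return False


def triage(inventory, port=SMB_PORT, timeout=1.0):
    """Classify each machine by the post's two conditions.

    inventory: list of dicts with hypothetical keys 'name', 'address' and
    'ms17_010_installed' (taken from your own patch records, not probed here).
    Returns {name: status}.
    """
    unpatched = [m for m in inventory if not m["ms17_010_installed"]]
    with ThreadPoolExecutor(max_workers=16) as pool:
        reachable = list(pool.map(
            lambda m: tcp_reachable(m["address"], port, timeout), unpatched))
    status = {m["name"]: "PATCHED" for m in inventory if m["ms17_010_installed"]}
    for machine, is_open in zip(unpatched, reachable):
        # Unpatched and reachable is the "sitting duck" case: fix these first.
        status[machine["name"]] = (
            "UNPATCHED_EXPOSED" if is_open else "UNPATCHED_NOT_REACHABLE")
    return status


if __name__ == "__main__":
    # Constructed sample inventory; replace with machines you administer.
    sample = [
        {"name": "front-desk-pc", "address": "127.0.0.1", "ms17_010_installed": False},
        {"name": "file-server", "address": "127.0.0.1", "ms17_010_installed": True},
    ]
    for name, state in sorted(triage(sample).items()):
        print(f"{name}: {state}")
```

`UNPATCHED_NOT_REACHABLE` only describes the network path from where the script runs; another machine on the same LAN may still reach port 445, so those hosts still need the update.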
Posted 5/15/17
You definitely don't want to miss out on any Windows updates! =0 Always update the sec it becomes available!

Posted 5/15/17 , edited 5/15/17
Or alternatively format Windows and install Linux Mint/Ubuntu.

http://m.windowsitpro.com/networking/whats-port-445-used-windows-2000-and-later-versions

I'm going to have to block all ports going to my windows partition at this point.....
Posted 5/15/17
Microsoft blames U.S. stockpiled vulnerability after WannaCry ransomware attack

http://www.pcworld.com/article/3196523/security/microsoft-blames-us-stockpiled-vulnerability-for-ransomware-attack.html

I blame both of them. Microsoft for giving in and building back doors and the NSA for pushing for back doors.
Posted 5/15/17
NHS left reeling by cyber-attack: ‘We are literally unable to do any x-rays’

https://www.theguardian.com/society/2017/may/13/nhs-cyber-attack-patients-ransomware
Posted 5/15/17 , edited 5/15/17
Russia's interior ministry says computers hit by 'virus attack'

https://au.news.yahoo.com/world/a/35490453/russias-interior-ministry-says-computers-hit-by-virus-attack/#page1


Reported Attacks world wide

Posted 5/15/17 , edited 5/15/17

Rujikin wrote:

Microsoft blames U.S. stockpiled vulnerability after WannaCry ransomware attack

http://www.pcworld.com/article/3196523/security/microsoft-blames-us-stockpiled-vulnerability-for-ransomware-attack.html

I blame both of them. Microsoft for giving in and building back doors and the NSA for pushing for back doors.


I was under the impression that the exploit wasn't an intentional backdoor, but rather a real bug?
In which case I'd blame the NSA for not reporting the issue and the affected users for not managing to install security updates that were released month ago.

If there actually were proof this was an intentional backdoor then that'd be pretty big. "Microsoft cooperates with NSA, gets their customers hacked"....
Posted 5/15/17 , edited 5/15/17

Cola_Colin wrote:


Rujikin wrote:

Microsoft blames U.S. stockpiled vulnerability after WannaCry ransomware attack

http://www.pcworld.com/article/3196523/security/microsoft-blames-us-stockpiled-vulnerability-for-ransomware-attack.html

I blame both of them. Microsoft for giving in and building back doors and the NSA for pushing for back doors.


I was under the impression that the exploit wasn't an intentional backdoor, but rather a real bug?
In which case I'd blame the NSA for not reporting the issue and the affected users for not managing to install security updates that were released month ago.

If there actually were proof this was an intentional backdoor then that'd be pretty big. "Microsoft cooperates with NSA, gets their customers hacked"....


We know they built in back doors and you know they won't admit to the back doors. That port has been an issue since Windows XP and was still not fixed. There have been many other port 445 attacks in the past and yet the problem is still there... Typically if you get hacked multiple multiple times using the same port you would put some protections in place but they only seem to be a fix for the last attack.
Posted 5/15/17

Cola_Colin wrote:


Rujikin wrote:

Microsoft blames U.S. stockpiled vulnerability after WannaCry ransomware attack

http://www.pcworld.com/article/3196523/security/microsoft-blames-us-stockpiled-vulnerability-for-ransomware-attack.html

I blame both of them. Microsoft for giving in and building back doors and the NSA for pushing for back doors.


I was under the impression that the exploit wasn't an intentional backdoor, but rather a real bug?
In which case I'd blame the NSA for not reporting the issue and the affected users for not managing to install security updates that were released month ago.

If there actually were proof this was an intentional backdoor then that'd be pretty big. "Microsoft cooperates with NSA, gets their customers hacked"....


The NSA had been stockpiling these bugs and not telling Microsoft about them so that they would be the ones to exploit it.
Posted 5/15/17 , edited 5/15/17
If I recall correctly, the patch to fix the vulnerability that the ransomware used was released last March. And that the reason hospitals and such in particular fell prey to it is because many of them rely on outdated OSes that don't get security updates anymore.
Posted 5/15/17
So glad I always keep all my personal shit in an external drive <3
Posted 5/15/17
Edward Snowden: https://twitter.com/Snowden/status/863872972553166848

Extraordinary: Microsoft officially confirms @NSAGov developed the flaw that brought down hospitals this weekend.


https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/
runec 
Posted 5/15/17

Mishio1 wrote:
If I recall correctly, the patch to fix the vulnerability that the ransomware used was released last March. And that the reason hospitals and such in particular fell prey to it is because many of them rely on outdated OSes that don't get security updates anymore.


Yep, closed network machines, machines that don't even have/require internet access or machines where the admin privileges were simply completely locked down. If you don't have a good IT department, or it's operating under bad management policies you can end up with outdated systems.

Case in point: Company I used to work for ( which mercifully no longer exists ). Internet access was required for the business. One random employee got a bug on the network through her email. Management's reaction was to basically blame the entire staff and have IT ( which consists of one guy and an intern ) lock down everything and everyone's user accounts. So only the one lone IT guy was able to download, install, update, change settings, etc and our brilliant boss demanded he perform all such tasks himself. As in, scheduled updates, etc were also not allowed unless he approved them on a case by case basis.

Needless to say our OS, drivers, software, antivirus, etc went out of date pretty quick with 3 servers and 30 machines on the floor and a boss not willing to pay OT for the tech. You can probably guess how it turned out and who they then blamed for how it turned out after the fact. -.-
Posted 5/15/17 , edited 5/15/17

runec wrote:

Yep, closed network machines, machines that don't even have/require internet access or machines where the admin privileges were simply completely locked down. If you don't have a good IT department, or it's operating under bad management policies you can end up with outdated systems.

Case in point: Company I used to work for ( which mercifully no longer exists ). Internet access was required for the business. One random employee got a bug on the network through her email. Management's reaction was to basically blame the entire staff and have IT ( which consists of one guy and an intern ) lock down everything and everyone's user accounts. So only the one lone IT guy was able to download, install, update, change settings, etc and our brilliant boss demanded he perform all such tasks himself. As in, scheduled updates, etc were also not allowed unless he approved them on a case by case basis.

Needless to say our OS, drivers, software, antivirus, etc went out of date pretty quick with 3 servers and 30 machines on the floor and a boss not willing to pay OT for the tech. You can probably guess how it turned out and who they then blamed for how it turned out after the fact. -.-


So many red flags. That would have been a "get out now" situation.

Anyway, I get to go back in tonight and finish patching ancillary systems. Yay.


Mishio1 wrote:
If I recall correctly, the patch to fix the vulnerability that the ransomware used was released last March. And that the reason hospitals and such in particular fell prey to it is because many of them rely on outdated OSes that don't get security updates anymore.


There's a little more to it than that. Yes, the NHS had many XP systems (shudder), but let me tell you how many medical devices walk in the door asking for a surprise server. Often times, while they will require supported software and OS versions, they'll still be pretty old. It's really easy for a system like that to fall off the radar in the short amount of time it takes to fall out of support.
Patching can be made more complicated by having limited outage windows to patch complex systems with dependency nightmares. A system I have worked on had a core made up of nearly fifty servers. The application required a manual shutdown process before you could take the OSes down.
Posted 5/15/17

runec wrote:


Mishio1 wrote:
If I recall correctly, the patch to fix the vulnerability that the ransomware used was released last March. And that the reason hospitals and such in particular fell prey to it is because many of them rely on outdated OSes that don't get security updates anymore.


Yep, closed network machines, machines that don't even have/require internet access or machines where the admin privileges were simply completely locked down. If you don't have a good IT department, or it's operating under bad management policies you can end up with outdated systems.

Case in point: Company I used to work for ( which mercifully no longer exists ). Internet access was required for the business. One random employee got a bug on the network through her email. Management's reaction was to basically blame the entire staff and have IT ( which consists of one guy and an intern ) lock down everything and everyone's user accounts. So only the one lone IT guy was able to download, install, update, change settings, etc and our brilliant boss demanded he perform all such tasks himself. As in, scheduled updates, etc were also not allowed unless he approved them on a case by case basis.

Needless to say our OS, drivers, software, antivirus, etc went out of date pretty quick with 3 servers and 30 machines on the floor and a boss not willing to pay OT for the tech. You can probably guess how it turned out and who they then blamed for how it turned out after the fact. -.-


Horrible just horrible. I've had a job like that but it was the IT manager wanting me to leave stuff out of date. I asked too many questions and quickly got tasks taken away from me till I was only programming and I ended up quitting due to my boss being a dick. Now I'm pushing my new place to stay somewhat up to date and beef up security. Already fixed a major issue that went undetected before I joined.