Unfortunately, the code was leaked and ended up in the wrong hands, resulting in today’s situation. Critical emergency services such as hospitals and law enforcement in the UK have been broadly impacted by ‘Wanacrypt’. The end result being, if you don’t have a backup of your system with an App like Crashplan that keeps all versions of all your files, you’re out of luck. Unless that is you’re running a modern operating system like Windows 10.
Windows XP, Windows Server 2003 and Windows 8 Get Security Fix for ‘Wanacrypt’ Attack
The severity of Wanacrypt has been so devastating that Microsoft developed a fix for out of date versions of its Windows operating systems. Although the fix can’t reverse the effects of an infected system, it does prevent vulnerable versions of Windows from getting infected, at least from this specific malware. The software firm detailed in a blog post measures customers can take to protect and remove the malicious software from their systems.
Details are below.
In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider, that they are protected.This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks).
There was no mention of Windows 7, Windows Server 2007 or Windows 10 being susceptible to the Wanacrypt ransomware. Obviously, this is yet just one more reason to keep your computer on the latest operating system. Yes I know, it’s not always to keep updating, however, in order to stay ahead of the bad guys, Microsoft spends billion. With this in mind, if you’re still running an older version of windows, please consider upgrading to Windows 10 today. Users on older releases still supported by Microsoft can do their part to ensure attacks like these are minimal.
Apply the patches for your systems when they become available. I hate to say it, but Microsoft did release a fix for this, most of whom got attacked, simply didn’t install the Microsoft Security Bulletin MS17-010 patch.Backup, we talk about it all the time at Groovypost, if you are not doing it, now is a good time to start.Be conscious of your email messages and where they come from. Wanacrypt was able to infiltrate systems through email attachments some users opened unsuspectingly.
Users can download patches for their respective versions of Windows at the following links: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64 Thank you for your comment here. I have not actually verified this, but I think I can answer your question. For all kinds of patches/updates which Microsoft produce for Windows operating systems, they (Microsoft) assume that people’s computers will be running the most recent available Service Pack for their version of Windows. The most recent Service Pack for Windows XP 32-bit is Service Pack 3. (The most recent Service Pack for Windows XP 64-bit is Service Pack 2.) Therefore, Microsoft’s update to patch this vulnerability for Windows XP 32-bit computers is meant for computers running Windows XP SP3 32-bit only. For anyone today who has a computer running Windows XP SP2 32-bit, their first step should be to install Service Pack 3 for Windows XP 32-bit. After doing that, they should be able to install this special security “patch” from Microsoft. I hope this helps. G-d bless, Peter Selig Comment
Δ