Announcement

Collapse
No announcement yet.

Wanacrypt - patch your systems now if you haven't yet

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Wanacrypt - patch your systems now if you haven't yet

    As I read somewhere: You know the shit has hit the fan when Microsoft issued a patch for Windows XP in 2017.

    Large organizations such as national telecoms, Renault, Sberbank are affected:


    German Railroad is using blackboard and chalk for train departures.

    Renault car factory in Slovenia also halted production.

    I backed up and updated all servers over weekend. Today I spent most of the day patching workstations. Also patched some industrial measuring equipment still running Windows XP with the out of band issued XP patch. So far all the places I run are unaffected.

  • #2
    Where can I get the patch? Is it pushed by Microsoft?
    I have one PC at home running XP, it's offline and I will keep it that way, but it's nice to know that there is a patch for it.

    Comment


    • #3
      The updates should install with Windows Update. We've been dealing with this issue all week.

      This blog posts covers what you need to know.

      “Inside every sane person there’s a madman struggling to get out”
      –The Light Fantastic, Terry Pratchett

      Comment


      • #4
        Originally posted by Jammrock View Post
        The updates should install with Windows Update. We've been dealing with this issue all week.

        This blog posts covers what you need to know.

        https://blogs.technet.microsoft.com/...crypt-attacks/
        Hopefully the malware attack will (re?)start a discussion on what type of vulnerabilities should be patched ASAP and which ones are 'safe to stockpile' by state agencies using it to perform espionage...

        Comment


        • #5
          There is a US bill in committee that would require national security agencies to reveal exploits to the appropriate company. While the agencies may drag their feet some before disclosing the vulnerabilities (assuming the bill passes into law), it would allow for safer overall computing in the future.

          There is still another problem though, people disabling patching. The patch that fixes WannaCrypt was released in March. The outbreak would not have been as bad if patching was enabled and run on the recommended scheduled. Except places like China and Russia where pirated copies of Windows are apparently pretty common, and patching is blocked.

          WannaCry, the notorious ransomware demanding up to $300 worth of Bitcoins to unlock victims' computers, hit systems all around the globe over the weekend. According to Finnish cybersecurity company F-Secure, though, Russia and China were affected the most, and it could be due to the rampant use of pirated software in those countries. Microsoft issued a patch for the vulnerability the attackers used as an entry point back in March and even fixed it for XP, which it long stopped supporting. However, pirated systems can't install those patches, so computers running illegal software remained vulnerable.
          “Inside every sane person there’s a madman struggling to get out”
          –The Light Fantastic, Terry Pratchett

          Comment


          • #6
            Originally posted by Jammrock View Post
            There is a US bill in committee that would require national security agencies to reveal exploits to the appropriate company. While the agencies may drag their feet some before disclosing the vulnerabilities (assuming the bill passes into law), it would allow for safer overall computing in the future.

            There is still another problem though, people disabling patching. The patch that fixes WannaCrypt was released in March. The outbreak would not have been as bad if patching was enabled and run on the recommended scheduled. Except places like China and Russia where pirated copies of Windows are apparently pretty common, and patching is blocked.

            https://www.engadget.com/2017/05/15/...ssia-wannacry/
            also some consumers block patching of their Win 7 & 8.1 installs to prevent the Windows 10-esque telemetry to be enabled against their wishes

            Comment


            • #7
              There are a lot of ways to block telemetry without blocking patching. People have built a number of automated tools to make it easy.



              “Inside every sane person there’s a madman struggling to get out”
              –The Light Fantastic, Terry Pratchett

              Comment


              • #8
                What is an XP. LOL Man I haven't posted here in a bit Need to update my sig
                [size=1]D3/\/7YCR4CK3R
                Ryzen: Asrock B450M Pro4, Ryzen 5 2600, 16GB G-Skill Ripjaws V Series DDR4 PC4-25600 RAM, 1TB Seagate SATA HD, 256GB myDigital PCIEx4 M.2 SSD, Samsung LI24T350FHNXZA 24" HDMI LED monitor, Klipsch Promedia 4.2 400, Win11
                Home: M1 Mac Mini 8GB 256GB
                Surgery: HP Stream 200-010 Mini Desktop,Intel Celeron 2957U Processor, 6 GB RAM, ADATA 128 GB SSD, Win 10 home ver 22H2
                Frontdesk: Beelink T4 8GB

                Comment


                • #9
                  Welcome back Denty, long time no see!

                  Comment


                  • #10
                    Welcome back!
                    Originally posted by DentyCracker View Post
                    Need to update my sig
                    Does that mean you'll be sticking around more?
                    pixar
                    Dream as if you'll live forever. Live as if you'll die tomorrow. (James Dean)

                    Comment

                    Working...
                    X