Results 1 to 7 of 7

Thread: Wanacrypt - patch your systems now if you haven't yet

  1. #1
    Super MURCer UtwigMU's Avatar
    Join Date
    Jul 2002
    Location
    k.u.k.
    Posts
    4,735

    Default Wanacrypt - patch your systems now if you haven't yet

    As I read somewhere: You know the shit has hit the fan when Microsoft issued a patch for Windows XP in 2017.

    Large organizations such as national telecoms, Renault, Sberbank are affected:
    https://en.wikipedia.org/wiki/WannaC...somware_attack

    German Railroad is using blackboard and chalk for train departures.

    Renault car factory in Slovenia also halted production.

    I backed up and updated all servers over weekend. Today I spent most of the day patching workstations. Also patched some industrial measuring equipment still running Windows XP with the out of band issued XP patch. So far all the places I run are unaffected.

  2. #2
    MURC Writer Elie's Avatar
    Join Date
    Aug 1999
    Location
    Canada
    Posts
    4,613

    Default

    Where can I get the patch? Is it pushed by Microsoft?
    I have one PC at home running XP, it's offline and I will keep it that way, but it's nice to know that there is a patch for it.

  3. #3
    The Berserker Jammrock's Avatar
    Join Date
    Aug 1999
    Location
    Right behind you.
    Posts
    8,943

    Default

    The updates should install with Windows Update. We've been dealing with this issue all week.

    This blog posts covers what you need to know.

    https://blogs.technet.microsoft.com/...crypt-attacks/
    “Inside every sane person there’s a madman struggling to get out”
    –The Light Fantastic, Terry Pratchett

  4. #4

    Default

    Quote Originally Posted by Jammrock View Post
    The updates should install with Windows Update. We've been dealing with this issue all week.

    This blog posts covers what you need to know.

    https://blogs.technet.microsoft.com/...crypt-attacks/
    Hopefully the malware attack will (re?)start a discussion on what type of vulnerabilities should be patched ASAP and which ones are 'safe to stockpile' by state agencies using it to perform espionage...

  5. #5
    The Berserker Jammrock's Avatar
    Join Date
    Aug 1999
    Location
    Right behind you.
    Posts
    8,943

    Default

    There is a US bill in committee that would require national security agencies to reveal exploits to the appropriate company. While the agencies may drag their feet some before disclosing the vulnerabilities (assuming the bill passes into law), it would allow for safer overall computing in the future.

    There is still another problem though, people disabling patching. The patch that fixes WannaCrypt was released in March. The outbreak would not have been as bad if patching was enabled and run on the recommended scheduled. Except places like China and Russia where pirated copies of Windows are apparently pretty common, and patching is blocked.

    https://www.engadget.com/2017/05/15/...ssia-wannacry/
    “Inside every sane person there’s a madman struggling to get out”
    –The Light Fantastic, Terry Pratchett

  6. #6

    Default

    Quote Originally Posted by Jammrock View Post
    There is a US bill in committee that would require national security agencies to reveal exploits to the appropriate company. While the agencies may drag their feet some before disclosing the vulnerabilities (assuming the bill passes into law), it would allow for safer overall computing in the future.

    There is still another problem though, people disabling patching. The patch that fixes WannaCrypt was released in March. The outbreak would not have been as bad if patching was enabled and run on the recommended scheduled. Except places like China and Russia where pirated copies of Windows are apparently pretty common, and patching is blocked.

    https://www.engadget.com/2017/05/15/...ssia-wannacry/
    also some consumers block patching of their Win 7 & 8.1 installs to prevent the Windows 10-esque telemetry to be enabled against their wishes

  7. #7
    The Berserker Jammrock's Avatar
    Join Date
    Aug 1999
    Location
    Right behind you.
    Posts
    8,943

    Default

    There are a lot of ways to block telemetry without blocking patching. People have built a number of automated tools to make it easy.

    http://winaero.com/blog/stop-windows...dows-firewall/

    https://gist.github.com/alirobe/7f3b34ad89a159e6daa1
    “Inside every sane person there’s a madman struggling to get out”
    –The Light Fantastic, Terry Pratchett

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •