WannaCry - Please apply security updates for Windows!

spin · May 14, 2017, 5:52pm

Basics

In case you’ve been under a rock there is a massive RansomWare infection doing the rounds. Read more here:

It infects systems via phishing but also spreads via SMB protocol somehow. This is done with 0-days released as part of the leaked NSA hacking tools. So it does not need user intervention to spread.

Patching

Please patch your systems as I don’t want this on the wug, if it’s not already doing the rounds. Patches are even available for older Windows OS including Windows XP and Windows Server 2003:

Patch your systems!

Downloading patches on the wug

@Jypels will shortly make those patches available for download in the usual place. I’ve also asked the owners of WSUS servers to make sure the latest patches are available on them.

More info

https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/
http://stackoverflow.com/questions/43952057/how-to-protect-from-wcrypt-wanna-cry

Jypels · May 14, 2017, 5:55pm

@Spin please remember to patch finances aswell if you havent allready. Thanks

spin · May 14, 2017, 5:59pm

Keep forgetting CTWUG also has a windows machine

Patching now.

spin · May 14, 2017, 6:06pm

Can those with WSUS servers ensure that it’s up to date so we can roll patches for WannaCry out on the WUG also please.
@Tinuva, @Stiaanm @anglosaxon

anglosaxon · May 14, 2017, 6:30pm

Updated Welcome to use

http://server.anglosaxon.ctwug.za.net/index.php/wsus/

Registry File

Tinuva · May 14, 2017, 6:54pm

Dont have a choice, WSUS updates each day, but mine is up to date as of 14th May 18h30

Stiaanm · May 14, 2017, 8:05pm

Mine’s been done, updating twice per day. Switched over to a new server that seems to give me some issues now & then, switching back to the old one for now…

Beetle001 · May 16, 2017, 6:44am

This is entirely @King who is to blame for this.

spin · May 16, 2017, 7:12am

Can someone take him behind the shed?

King · May 17, 2017, 4:20pm

I’m sure you coerced me into doing this.

Is this to reward me for my efforts?!

spin · May 20, 2017, 6:39pm

Seems Windows 7 was most affected:

spin · May 22, 2017, 3:33pm

There are still guys exploiting these vulnerabilities. Apparently this one uses more NSA leaked exploits and is more sneaky. It just sits and waits for commands.

voyager · May 22, 2017, 5:46pm

Do your updates i had one of these viruses ones a year or so ago lost 2or3tb of stuff the virus hides in user appdata roaming microsoft folder i had to use total comander to see it windows couldn’t even see it and i had show hidden files and protected files on total comander was only app that could see it

razor1 · June 27, 2017, 8:27pm

PSA: New ransomware campaign (Petya/GoldenEye) being conducted that will render your computer unbootable if infected. Relies on WannaCry exploit (MS17-010). Make sure your machines are patched and updated to avoid infection (https://www.reddit.com/r/pcmasterrace/comments/6ju1mp/psa_new_ransomware_campaign_petyagoldeneye_being/)

Naruto · June 28, 2017, 6:31am

dankie Razor
ek lees nou juis ,hulle praat dat hy die big brother van wannacry is

anglosaxon · June 28, 2017, 7:14am

Naruto · June 28, 2017, 11:50am

die IT gurus werk vinnig