ak88

WannaCry patch?

6 posts in this topic

Posted (edited)

Does anyone know if there is a patch for this? I have tried the Win 7 and Server 2008 R2 patches but neither are for the system when I try to apply.

 

I have used powershell to disable SMBv1 but not sure this is enough:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force

 

Thanks

 

Edit: Turns out it was because I was patched already, on a lot of boxes with auto updates I have seen today the patch was missing but it wasn't on this one thankfully. FYI the Server 2008 r2 patch is the one to use.

Edited by ak88

Share this post


Link to post
Share on other sites

If you have the patch, then you should be fine.  Otherwise, the powershell command should take care of it.

 

That said, either takes care of it spreading from machine to machine, and it's already been shut down.  But better to patch a vulnerability...

Share this post


Link to post
Share on other sites

Not sure what its like from a media POV for you guys in the states but there were a lot of media outlets saying it was an attack on the NHS, people then repeating the same thing on social media, blaming Microsoft, calling the hackers scum that could kill someone etc so much misinformation these days, only takes one dumbass on the news to misquote or get something wrong and its all over the place and you never seem to get anyone appologise for spreading shit, its all about getting the story out first, facts be damned...

Share this post


Link to post
Share on other sites

We saw a lot of that, but not as much, I think.  And yeah, sensationalized shit always spreads faster than boring facts.

However, I did see some analysis that fingers North Korea as the origin of this malware. (and that this was particularly sloppy malware). Personally, I find that chilling, considering the whole missile testing they're doing.  Couple a massive malware attack with military action.... it's outright terrifying. 

As for blaming Microsoft, well they're releasing an out of band batch for XP/Server 2003, so that says a hell of a lot. Blame them if you want, but nobody should be running these OS's anyways. If you are still running these OS's, then it's pretty much entirely your fault here. 

 

Share this post


Link to post
Share on other sites

Yeah theres talk of it being North Korea, although the apparent tools and exploits were found by the NSA and they didnt tell anyone, so yeah, naughty North Korea, but the NSA, lets not talk about that bit... hmmmmm...

Share this post


Link to post
Share on other sites

Yup, NSA, CIA, FBI, etc have been stockpiling exploits, as I'm sure other gov'ts have been as well.  Microsoft released a statement about this, as well.  Basically, that it's harming everyone, especially consumers and businesses, as this attack perfectly illustrated. 

A security vulnerability affects everyone. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now