Internet Ransomware attacks reported in Europe.

Urwumpe · May 13, 2017

RisingFury said:
Are regular users getting hit at all or is it just business / institutions?

Not sure. I mostly get institutional reports here. Initial attack by email, later by SMB.

Andy44 · May 13, 2017

jangofett287 said:
Also, if you want an idea of how bad this is, Microsoft have released a patch for Windows XP.:

Wow.

RisingFury · May 13, 2017

Just a reminder: If you disable your SMBv1 server, don't forget to restart your computer for the change to take effect.

Notebook · May 13, 2017

Related to jangofett283 in#13 above.

http://www.bbc.co.uk/news/technology-39907049

N.

RisingFury · May 14, 2017

Microsoft confirms that the exploit does in fact utilize the exploit developed by the NSA and stolen from them:

https://blogs.microsoft.com/on-the-...cyberattack/#sm.001m44a8p145bf9vzgn1g5uhft6kb

Early Friday morning the world experienced the year’s latest cyberattack.

Starting first in the United Kingdom and Spain, the malicious “WannaCrypt” software quickly spread globally, blocking customers from their data unless they paid a ransom using Bitcoin. The WannaCrypt exploits used in the attack were drawn from the exploits stolen from the National Security Agency, or NSA, in the United States.

SolarLiner · May 15, 2017

For those who wish to see the ransomware in action (plus check out the channel full of viruses and old old OSes!)

Artlav · May 16, 2017

jangofett287 said:
Microsoft have released a patch for Windows XP.

I'm not the type for conspiracy theories, but there is something fishy about that patch.

Take a look at the XP SP3 update file.
As necessary, it is digitally signed by Microsoft.
Take a look at the timestamp in the signature.
It's February 11th, 2017.

The embedded one is 17th, the 2003 server one is 12th, Win 8th one is 13th.

That's a full month before the official update was released, on March 17th.
For comparison, Win 10 one is dated March 6th.

This is suspicious.
Doesn't really prove anything - they might have known the severity of the vulnerability and prepared for it in advance.

But it's still suspicious - why prepare such updates beforehand, but not release them?
It's as if they expected something big to happen to then produce a quick fix.

jedidia · May 16, 2017

But it's still suspicious - why prepare such updates beforehand, but not release them?

One month from final versioning to deployment doesn't seem excessively long to me, at least not for a company like Microsoft.

Urwumpe · May 16, 2017

Artlav said:
But it's still suspicious - why prepare such updates beforehand, but not release them?

Acceptance testing.

After compilation and packaging, the build artefacts are no longer changed. They remained signed with their build date - despite now getting deployed into increasingly larger and more real world-like installations.

Microsoft made a lot of bad experiences with poorly tested security updates, of course they want to make sure everything operates fine. The bad security updates in the past have caused a lot of damage alone by reducing the acceptable of Microsoft updates as whole.

Artlav · May 16, 2017

Urwumpe said:
Acceptance testing.

Huh? The updates for Win 10 were released, the ones for Win XP weren't, but they were prepared.

Why prepare an XP update long in advance, but not release it until after the hole was exploited?

Urwumpe · May 16, 2017

Artlav said:
Huh? The updates for Win 10 were released, the ones for Win XP weren't, but they were prepared.

Why prepare an XP update long in advance, but not release it until after the hole was exploited?

Well, XP is no longer supported at all, so testing it was very likely lowest priority - without the exploit going wild, releasing the package would not even have been necessary.

Notebook · May 16, 2017

Maybe Microsoft wants to see XP dead and buried? If they keep patching it, its supporters may think it will go on forever...

N.

jangofett287 · May 16, 2017

I have read some people pay for a custom support plan for Windows XP which continues to supply "Critical patches".

Urwumpe · May 16, 2017

jangofett287 said:
I have read some people pay for a custom support plan for Windows XP which continues to supply "Critical patches".

Yes - even a serious lot of money. Its pretty stupid, too often the only reason for paying this money is, that they failed to execute the transition away from XP when there had been years of time left to do this. Nothing prevents you from fixing custom software or find a replacement if you know for years that XP will run out.

JMW · May 16, 2017

jangofett287 said:
Also, if you want an idea of how bad this is, Microsoft have released a patch for Windows XP.: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

What is for XP here....
Nothing earlier than Vista, is there?......

OK, disregard this - I'm blind :facepalm:

OMD !
Got an old setup that is XP (x86) but it crashed completely some time back and had to do a complete re-install from an old backup.
Apparently it only had SP2 on it.
Now, this patch says it requires SP3.

Where can I get that ?..........

Notebook · May 23, 2017

Some update for this:

http://www.bbc.co.uk/news/technology-39997581

Internet Ransomware attacks reported in Europe.

Urwumpe

Not funny anymore

Andy44

owner: Oil Creek Astronautix

RisingFury

OBSP developer

Notebook

Addon Developer

RisingFury

OBSP developer

SolarLiner

It's necessary, TARS.

Artlav

Aperiodic traveller

jedidia

shoemaker without legs

Urwumpe

Not funny anymore

Artlav

Aperiodic traveller

Urwumpe

Not funny anymore

Notebook

Addon Developer

jangofett287

Heat shield 'tester'

Urwumpe

Not funny anymore

JMW

Aspiring Addon Developer

Notebook

Addon Developer

Similar threads