Register - Login
Views: 86359018
Main - Memberlist - Active users - Calendar - Wiki - IRC Chat - Online users
Ranks - Rules/FAQ - JCS - Stats - Latest Posts - Color Chart - Smilies
10-17-17 11:39:39 AM

Jul - News - Wide-spread ransomware "WannaCry" (and also the exploit that's in every Windows ever) New poll - New thread - New reply
Next newer thread | Next older thread
RanAS
Member
Level: 30


Posts: 241/283
EXP: 158110
For next: 7759

Since: 10-10-14
From: Brazil

Since last post: 1 day
Last activity: 1 day

Posted on 05-14-17 07:17:49 AM Link | Quote
Wikipedia article.

You've probably already heard of this. Then again, you should, it's kinda bad.

An exploit known as EternalBlue was used by the NSA to invade computers running Windows for quite some time now. On March 14th, a Windows Update patch was made available for Vista, 7, 8.1 and 10. On April 14th, the exploit was leaked on the internet by a hacker group. And two days ago, on May 12th, a widespread ransomware that used that exploit spread very quickly throughout the world, taking down systems from organizations such as FedEx, Renault, Telefónica and even a part of the government in the state of São Paulo, Brazil. After the attack, Microsoft released a patch for older systems such as Windows XP, Server 2003 and Windows 8.0.

The attack was mostly controlled due to what is believed to be a programming mistake, thankfully. The program tries to connect to a website that doesn't exist and send data to it. Someone registered the domain to analyze the data and the program is now having a harder time spreading from system to system. There's been warnings, though, that other variations can and probably will be made without this error, and unpatched systems should still be patched as soon as possible.

These are very recent news so there might be some inaccuracies here and there, so I recommend doing some reading about it if you can. Now's one of the few times where we might actually have to install an Windows Update, for those of us that like to keep it disabled most of the time. Make sure you keep shady telemetry updates away though (not many and I believe they're all optional updates, there's a few lists of them online if you want to know which ones to avoid).

Here's a few links to some Microsoft sites, regarding the vulnerability patch:

For Windows Vista, 7, 8.1, 10 and Server (2008, 2012 and 2016): Link
For Windows XP, 8 and Server 2003: Link
einstein95
Member
Level: 33


Posts: 286/305
EXP: 216395
For next: 12784

Since: 04-11-13


Since last post: 29 days
Last activity: 7 hours

Posted on 05-14-17 07:22:40 AM Link | Quote
And as of today, there are reports that there are versions that lack the website check.
Zero One
5090
And as we fall the spirit carries on,
That a hero'll come and save us all,
As we call the ones we left below,
We all dream of the day we rise above
Level: 119


Posts: 5039/5094
EXP: 18901800
For next: 27491

Since: 05-24-10
From: Delta Quadrant

Since last post: 15 days
Last activity: 8 days

Posted on 05-14-17 02:12:22 PM Link | Quote
Yep, updated versions have been released that lack the killswitch. Make sure you keep your systems up to date!
SamEarl13

Nipper Plant
Trying (and failing) to learn Lua.
Level: 39


Posts: 408/417
EXP: 387579
For next: 17192

Since: 02-14-12


Since last post: 2 days
Last activity: 2 days

Posted on 05-14-17 04:48:56 PM Link | Quote
Sad that this stuff doesn't surprise me, the NSA want all these different companies to build backdoors into things despite the fact that they're obviously not going to be the only people using them
Cuber456

Melon Bug
Don't mind me. Just passing through.
Level: 50


Posts: 728/747
EXP: 928282
For next: 19035

Since: 02-19-12
From: Everywhere at once.

Since last post: 10 days
Last activity: 2 days

Posted on 05-14-17 10:21:09 PM Link | Quote
Now is a good time as any to backup your hard drive(s).
Gabu

Star Mario
Placeholder Ikachan until :effort: is found
Level: 160


Posts: 9600/9695
EXP: 52201252
For next: 751747

Since: 08-10-09
From: Santa Cruisin' USA

Since last post: 2 days
Last activity: 12 hours

Posted on 05-16-17 11:33:08 AM Link | Quote
And probably not so much getting a new laptop.

Thought it was bad, had a special announcement at work last Friday on the PA regarding a security update, implying IT would be working over the weekend as well, and I kinda put two and two together with the news, but I didn't think it was this bad.
dotUser

Level: 83


Posts: 2201/2240
EXP: 5358367
For next: 73854

Since: 10-19-10


Since last post: 10 days
Last activity: 2 hours

Posted on 05-17-17 08:39:27 AM Link | Quote
The vulnerability it exploits is something Microsoft has been wanting to kill for a long time now, too. So on top of patching, may as well just disable the entire feature (SMBv1 Protocol or whatever, ancient server communication method that should be long gone by now anyway)
Cuber456

Melon Bug
Don't mind me. Just passing through.
Level: 50


Posts: 729/747
EXP: 928282
For next: 19035

Since: 02-19-12
From: Everywhere at once.

Since last post: 10 days
Last activity: 2 days

Posted on 05-17-17 09:18:46 PM Link | Quote
Originally posted by dotUser
may as well just disable the entire feature (SMBv1 Protocol or whatever, ancient server communication method that should be long gone by now anyway)

That's what I did. Googling what it was, it looked ancient and I figured disabling it probably wouldn't break much. If it does then I'll cross that bridge when I come to it.
Next newer thread | Next older thread
Jul - News - Wide-spread ransomware "WannaCry" (and also the exploit that's in every Windows ever) New poll - New thread - New reply




Rusted Logic

Acmlmboard - commit 2f1bc75 [2017-08-27]
©2000-2017 Acmlm, Xkeeper, Inuyasha, et al.

30 database queries, 1 query cache hits.
Query execution time: 0.162088 seconds
Script execution time: 0.007499 seconds
Total render time: 0.169587 seconds