Register - Login
Views: 95159908
Main - Memberlist - Active users - Calendar - Wiki - IRC Chat - Online users
Ranks - Rules/FAQ - Stats - Latest Posts - Color Chart - Smilies
09-20-18 08:31:53 AM

Jul - News - Wide-spread ransomware "WannaCry" (and also the exploit that's in every Windows ever) New poll - New thread - New reply
Next newer thread | Next older thread
RanAS
Member
Level: 39


Posts: 241/464
EXP: 379389
For next: 25382

Since: 10-10-14

From: Brazil

Since last post: 9 hours
Last activity: 14 min.

Posted on 05-14-17 07:17:49 AM Link | Quote
Wikipedia article.

You've probably already heard of this. Then again, you should, it's kinda bad.

An exploit known as EternalBlue was used by the NSA to invade computers running Windows for quite some time now. On March 14th, a Windows Update patch was made available for Vista, 7, 8.1 and 10. On April 14th, the exploit was leaked on the internet by a hacker group. And two days ago, on May 12th, a widespread ransomware that used that exploit spread very quickly throughout the world, taking down systems from organizations such as FedEx, Renault, Telefónica and even a part of the government in the state of São Paulo, Brazil. After the attack, Microsoft released a patch for older systems such as Windows XP, Server 2003 and Windows 8.0.

The attack was mostly controlled due to what is believed to be a programming mistake, thankfully. The program tries to connect to a website that doesn't exist and send data to it. Someone registered the domain to analyze the data and the program is now having a harder time spreading from system to system. There's been warnings, though, that other variations can and probably will be made without this error, and unpatched systems should still be patched as soon as possible.

These are very recent news so there might be some inaccuracies here and there, so I recommend doing some reading about it if you can. Now's one of the few times where we might actually have to install an Windows Update, for those of us that like to keep it disabled most of the time. Make sure you keep shady telemetry updates away though (not many and I believe they're all optional updates, there's a few lists of them online if you want to know which ones to avoid).

Here's a few links to some Microsoft sites, regarding the vulnerability patch:

For Windows Vista, 7, 8.1, 10 and Server (2008, 2012 and 2016): Link
For Windows XP, 8 and Server 2003: Link
einstein95
Member
Level: 34


Posts: 286/315
EXP: 249291
For next: 4360

Since: 04-11-13


Since last post: 89 days
Last activity: 2 days

Posted on 05-14-17 07:22:40 AM Link | Quote
And as of today, there are reports that there are versions that lack the website check.
Zero One
5160
And as we fall the spirit carries on,
That a hero'll come and save us all,
As we call the ones we left below,
We all dream of the day we rise above
Level: 122


Posts: 5039/5163
EXP: 20457131
For next: 180882

Since: 05-24-10

From: Delta Quadrant

Since last post: 35 days
Last activity: 23 days

Posted on 05-14-17 02:12:22 PM Link | Quote
Yep, updated versions have been released that lack the killswitch. Make sure you keep your systems up to date!
SamEarl13

Nipper Plant
Trying (and failing) to learn Lua.
Level: 40


Posts: 408/419
EXP: 421002
For next: 20307

Since: 02-14-12


Since last post: 185 days
Last activity: 182 days

Posted on 05-14-17 04:48:56 PM Link | Quote
Sad that this stuff doesn't surprise me, the NSA want all these different companies to build backdoors into things despite the fact that they're obviously not going to be the only people using them
Cuber456

Fuzzy
Don't mind me. Just passing through.
Level: 52


Posts: 728/776
EXP: 1060140
For next: 23700

Since: 02-19-12

From: Everywhere at once.

Since last post: 214 days
Last activity: 214 days

Posted on 05-14-17 10:21:09 PM Link | Quote
Now is a good time as any to backup your hard drive(s).
Gabu

Star Mario
Placeholder Ikachan until :effort: is found
Level: 164


Posts: 9600/9861
EXP: 56491850
For next: 1210540

Since: 08-10-09

Pronouns: they/them, she/her
From: Santa Cruisin' USA

Since last post: 1 day
Last activity: 6 hours

Posted on 05-16-17 11:33:08 AM Link | Quote
And probably not so much getting a new laptop.

Thought it was bad, had a special announcement at work last Friday on the PA regarding a security update, implying IT would be working over the weekend as well, and I kinda put two and two together with the news, but I didn't think it was this bad.
dotUser

Level: 86


Posts: 2201/2312
EXP: 5978817
For next: 163290

Since: 10-19-10

Pronouns: she/her, they/them

Since last post: 4 days
Last activity: 1 day

Posted on 05-17-17 08:39:27 AM Link | Quote
The vulnerability it exploits is something Microsoft has been wanting to kill for a long time now, too. So on top of patching, may as well just disable the entire feature (SMBv1 Protocol or whatever, ancient server communication method that should be long gone by now anyway)
Cuber456

Fuzzy
Don't mind me. Just passing through.
Level: 52


Posts: 729/776
EXP: 1060140
For next: 23700

Since: 02-19-12

From: Everywhere at once.

Since last post: 214 days
Last activity: 214 days

Posted on 05-17-17 09:18:46 PM Link | Quote
Originally posted by dotUser
may as well just disable the entire feature (SMBv1 Protocol or whatever, ancient server communication method that should be long gone by now anyway)

That's what I did. Googling what it was, it looked ancient and I figured disabling it probably wouldn't break much. If it does then I'll cross that bridge when I come to it.
Next newer thread | Next older thread
Jul - News - Wide-spread ransomware "WannaCry" (and also the exploit that's in every Windows ever) New poll - New thread - New reply




Rusted Logic

Acmlmboard - commit 5d36857 [2018-03-03]
©2000-2018 Acmlm, Xkeeper, Inuyasha, et al.

30 database queries, 1 query cache hits.
Query execution time: 0.178632 seconds
Script execution time: 0.013065 seconds
Total render time: 0.191697 seconds
Memory used: 786432