On May 12, 2017 "WannaCry" malware began exploiting a vulnerability in most versions of Windows dating back to XP. A month earlier, Microsoft identified the risk and responded with a patch (Critical Security Bulletin MS17-010) that required rebooting after installation. Many servers and end-user pcs were left vulnerable in more than 150 countries.
The malware sneaks through SMB ports, then encrypts a user's data and presents a growing ransom demand, starting at $300 and growing to $600, after which the garbled data is lost forever without a valid external backup. Once active it spreads quickly to other PCs in the same network.
Solution: Apply Security Update patch for Microsoft Windows (4013389). A restart will be required to complete the update.
Workaround: Disable SMBv1 on client and server computers, but do not disable SMBv2 or v3. Additionally, block SMB ports (139, 445) from all externally accessible hosts. A restart will be required to complete the workaround.
Hosted - Your servers and workstations have been patched.
Managed - Your servers and workstations have been patched.
Time & Materials- Call our Support Team immediately.
We installed Microsoft's patch shortly after release on our Hosted and Managed client computers, providing protection weeks before WannaCry surprised the world. When LeeShanok performs monthly Network Update Checks, we also apply critical server patches that address this type of vulnerability. If your network is not receiving regular maintenance, call us to review your situation and plan for the update.
Your Technology Partner,
The LeeShanok Team Tucson