Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

Thanks NSA for Global WCRYPT Ransomware. 5.15 update

May 12, 2017 12:05PM PDT

5-15-2017. This just in.
"New versions of the worm launched over the weekend are recoded to skirt the temporary fix."
Those that thought they could skip patching because the worm was disabled are in for a rude wake up call.

5-12-2017. Watch it spread at https://intel.malwaretech.com/botnet/wcrypt

If you have your Windows 10 all patched up, you're fine but I watch folk ask all the time how to block patches so let's hope they survive this one.

Other ways to block it at https://www.reddit.com/r/sysadmin/comments/6asmdn/what_can_we_do_to_protect_against_wcrypt_right/

May 14 2015 update: Some four letter words but patches for most Windows versions are noted at http://imgur.com/gallery/Hl9Kt

Post was last edited on May 15, 2017 12:51 PM PDT

Discussion is locked

- Collapse -
More about WCRYPT. CNET coverage at link.
May 12, 2017 12:10PM PDT

Post was last edited on May 12, 2017 12:31 PM PDT

- Collapse -
Yep, Saw It On The TV News This Evening
May 12, 2017 8:08PM PDT

Pretty nasty stuff. It's one more reason to keep your machines patched.

Hope this helps.

Grif

- Collapse -
Here's hoping folk don't post about this.
May 12, 2017 8:30PM PDT

Over the years I've seen a lot of folk want to block Windows patches. This is an example where you want to keep patched.

- Collapse -
BIG NEWS. Microsoft to patch older Windows versions.
May 13, 2017 9:03AM PDT

"Before Friday's attack, Microsoft had made fixes for older systems, such as 2001's Windows XP, available only to mostly larger organizations that paid extra for extended technical support. Microsoft says now it will make the fixes free for everyone."
http://www.tucsonnewsnow.com/story/35420604/huge-cyberattack-forces-microsoft-to-offer-free-tech-fix

"Microsoft quickly changed its policy and announced that it will make security fixes available for free for older Windows systems, which are still used by millions of individuals and smaller businesses."
https://www.yahoo.com/finance/news/uk-working-restore-hospital-systems-cyberattack-094439664--finance.html

- Collapse -
A Kill Switch was found. More at link.
May 13, 2017 9:10AM PDT
- Collapse -
You think this is over? Companies, schools are paying.
May 13, 2017 2:31PM PDT
- Collapse -
Looks like NHS Wales dodged it.
May 13, 2017 3:14PM PDT
- Collapse -
I'd still ask why they didn't patch all their Windows OSes.
May 13, 2017 10:25PM PDT

Inquiring minds.

- Collapse -
Bugs
May 13, 2017 11:44PM PDT

If folks want to run an unpatched or unsupported OS then they leave themselves open.

Perhaps they did not get hit this time but there will be a next time and then a next time...etc.

I don't have much sympathy for folks that go looking for trouble.

- Collapse -
These folks are IT leads of countries.
May 14, 2017 9:15AM PDT

Many are masters of the spin.

I forgot to note that NHS Wales may be dodging the bullets for only a short time. Look at how WCRY works and all it takes is one machine to be infected.

- Collapse -
Masters of spin
May 14, 2017 1:24PM PDT

Sounds like the pols of this country.
Spouting tripe.

Being verbally gifted is a great asset for rising to the top.

- Collapse -
Sorry but I was unclear.
May 14, 2017 1:35PM PDT

It's been my experience the IT leads generally don't patch. Their goals are usually somewhere else chasing elusive goals of everyone on the same patch level and asking for more bucks to test before patching.

I know good and bad IT groups so the better ones stayed patched and the worst ones would stand in the way of getting the work done.

- Collapse -
You were clear
May 15, 2017 3:22AM PDT

I suspect there will be a lot of meetings going on and a lot of spin as to who's to blame.

Msft, money for more testing, the vendor of some product...etc.

Whatever plays out there will be more of this stuff coming down the pipe.

- Collapse -
Wow, windows is costing more and more
May 15, 2017 6:44AM PDT

....each day. sure glad I used Linux instead. Wink Devil

- Collapse -
WannaCrypt
May 15, 2017 11:54AM PDT

The scale of this has been enormous.

We posted about this early Friday in our blog; at that time our threat labs had seen ~50,000 incidents (Avast blocks WanaCrypt0r 2.0)

As of today, we're seeing ~213,000 incidents across 112 countries worldwide. Our threat labs recommend staying protected, patched, and educated!

- Collapse -
CNET Info on WannaCry ransomware FAQ & How to
May 16, 2017 10:14AM PDT