Friday, May 19, 2017

Shadow Brokers/NSA Malware Update - Haven't Patched? Do It Now.



The Shadow Brokers data dump is the gift that keeps on giving.

It wasn't just the victims and good guys who took notice of the unbridled spread of the WannaCry ransomware worm. The bad guys paid attention, too. And now more SMBv1-based attacks have been unleashed or are in active development.

If you have an older Windows machine and think you're out of luck, there's good news. Microsoft recently released updates for its outdated/unsupported operating systems going back to Windows XP. The updates are unusual because Microsoft makes it a practice never to update end-of-life operating systems and software. It prefers to spend development cycles on new products and those under its support contracts. This is a special case, though, as many of the devices infected by WannaCry and being targeted by the new malware run embedded operating systems (things like ATMs and point-of-sale systems) that *can't* be easily updated.

It's also worth noting that, according to NetMarketShare.com, Windows 10 is lagging behind its predecessors in terms of adoption. Windows 7 accounts for nearly half (48.5%) of the operating systems in use today, while XP, Vista, 8 and 8.1 combine to make up over 16%. That's a whole lot of unpatched exposure.

For those with XP, Vista, 8, 8.1, Server 2003 or Server 2008, you can find standalone updates to protect against the SMBv1 exploits here:
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

For some reason Microsoft made the Windows 7 and Server 2008 R2 standalone updates separate from the above batch. You can find them here:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4012215

What are you still doing here? Go patch now!
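
Once the update is installed, you can confirm it took. The script below is an added example, not part of the original post: it uses `Get-HotFix` to look for the two KB IDs linked above on one or more hosts, and assumes Windows PowerShell 2.0 or later (the function name and output fields are illustrative).

```powershell
# Added example, not from the original post. The KB IDs are the two linked
# above; the function name and output fields are made up for illustration.
function Test-SmbV1Update {
    param(
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        [string[]]$KBId = @('KB4012598', 'KB4012215')
    )
    foreach ($computer in $ComputerName) {
        $status = 'NotFound'
        $found  = @()
        try {
            # List every installed hotfix and filter locally: Get-HotFix -Id
            # raises an error when the requested ID is absent.
            $installed = @(Get-HotFix -ComputerName $computer -ErrorAction Stop |
                           ForEach-Object { $_.HotFixID })
            $found = @($KBId | Where-Object { $installed -contains $_ })
            if ($found.Count -gt 0) { $status = 'Installed' }
        }
        catch {
            # Host offline, WMI blocked, or access denied: report it rather
            # than silently counting the host as patched or unpatched.
            $status = 'QueryFailed'
        }
        New-Object PSObject -Property @{
            ComputerName = $computer
            Status       = $status
            MatchedKB    = ($found -join ',')
        }
    }
}

# Local machine by default; pass -ComputerName to sweep several hosts.
Test-SmbV1Update | Format-Table ComputerName, Status, MatchedKB -AutoSize
```

An update that supersedes these is listed under its own ID, so treat `NotFound` as a prompt to review the machine's update history rather than as proof that it is unpatched.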
