Windows 10: Ransomware attacks reported on Windows machines internationally

Page 7 of 11 FirstFirst ... 56789 ... LastLast

  1. Posts : 1,925
    Windows 10 x86 14383 Insider Pro and Core 10240
       15 May 2017 #60

    Don't tell them, point them here:

    Microsoft Update Catalog)

    Click image for larger version. 

Name:	image.png 
Views:	7 
Size:	208.7 KB 
ID:	135089

    then get them to download and run the relevant patch for their system before any emails are looked at.

    If you are patched for this SMB exploit, then expect that any copycat SMB-based exploits are likely to fail until a new vulnerability is exploited - the patch itself may have vulnerabilities!
      My ComputersSystem Spec


  2. Posts : 2,395
    Windows 10 Pro x64 1803 - XP/Vista/Win7/Win8.1 in VM for testing
       15 May 2017 #61

    I would tell them to make sure they have patched their system and not use it until they do. but then again I was a system administrator for many years
      My ComputerSystem Spec

  3.    15 May 2017 #62

    Well, appreciated gentleman.
    I understand that we can not talk about how to build a nuclear bomb in this public forum.
    I'll find it.
      My ComputerSystem Spec


  4. Posts : 1,437
    Windows 10 Pro (32-bit) 16299.15
       15 May 2017 #63

    Barman58 said: View Post
    Microsoft has also released fixes for the vulnerability for unsupported OS's such at XP Vista and several server systems.
    I think Vista was still in support at the time the fix was released (in March), so Vista users should have been able to get the patch already and would already have it if Windows Update was switched on and working. I don't think Microsoft issued an additional patch for Vista at the weekend.

    Barman58 said: View Post
    Windows 10 has never had the vulnerability
    I'm confused by the status of Windows 10, as my reading of the Technet article on MS17-010 was that Windows 10 was affected. But I also read something saying Windows 10 was immune.

    I did wonder if this particular WannaCrypt code didn't work on Windows 10, but another malware variety could use the same vulnerability to attack unpatched Windows 10 systems? Can anyone clarify this?
      My ComputerSystem Spec


  5. Posts : 2,395
    Windows 10 Pro x64 1803 - XP/Vista/Win7/Win8.1 in VM for testing
       15 May 2017 #64

    David, I see what you mean, confusing it is, only thing I notice is that it only goes up to 1607 so that may mean that the patch was baked into the CU on release which was where the confusion could have started
      My ComputerSystem Spec


  6. Posts : 2,707
    W10 Pro + W10 Preview
       15 May 2017 #65

    All these suppositions suggesting new variants are about to be released is pure conjecture.

    You can bet your bottom dollar that with virtually every law enforcement agency in the World on the hunt for the ransomware attackers, they will be keeping a very low profile, in all probability wearing brown trousers.
      My ComputersSystem Spec

  7.    15 May 2017 #66

    dencal said: View Post
    All these suppositions suggesting new variants are about to be released is pure conjecture.

    You can bet your bottom dollar that with virtually every law enforcement agency in the World on the hunt for the ransomware attackers, they will be keeping a very low profile, in all probability wearing brown trousers.
    It's good thing so much publicity is given to this but there were other scares in the past.
      My ComputersSystem Spec

  8.    15 May 2017 #67

    DavidY said: View Post
    It turns out that this stopped me accessing my old NAS drive (at least the way I've been using it) so I've been going round turning SMB1 back on again.

    I should perhaps have thought of that and tested it before switching it off in multiple places.

    Oh, and it turns out that when you switch Features like this back on again, it uses Windows Update, so on a laptop where Windows Update is broken, it's not so straightforward to switch on again. Luckily Shawn's tutorial to Reset Windows Update worked, although even then I had a struggle to kill off the service to run the tutorial.

    @DavidY

    Hi there
    On the SAMBA config on your NAS box set it to SMB2 or 3 - then that should allow you to remove SMB1 from Windows.

    Do it in the GLOBAL section --file is called smb.conf and usually exists in folder /etc/samba
    ..........................
    [global]
    max protocol = SMB3
    # can set it to SMB2 if you want experimental SMB2 support.
    #
    workgroup = WORKGROUP
    server string = Samba Server Version %v

    ; max protocol = SMB2

    log file = /var/log/samba/log.%m
    max log size = 50
    security = user
    passdb backend = tdbsam
    name resolve order = bcast host lmhosts wins


    .....................................................

    You need to restart the smb and nmb (or depending on your system - might be called smbd and nmbd) services - or probably better re-boot the NAS server.

    Check with (as root or sudo user) that the config file is OK with TESTPARM.

    Another idea is to password protect the access -- use (again as root) smbpasswd -a user (user = username you wish to use).
    you'll get prompted for a password on the console --just enter it.

    You might on a remote TV / Firestick if you need to access files on the server have to enter a password to re-connect again. I'm though using KODI on an amazon firestick for accessing multi-media -- it also required a 1 time password entry after I'd made the changes.

    Test on 1 Windows client box (or a laptop) first before changing a whole slew of computers -- It's AGES since I was messing around with this so you might need to incorporate some other windows changes too.

    Here's info on enabling / disabling SMB2/3 for W2012 server -- works also for W10 but check also for updates

    https://support.microsoft.com/en-us/...ws-server-2012

    Cheers
    jimbo
      My ComputerSystem Spec

  •    15 May 2017 #68

    CountMike said: View Post
    It's good thing so much publicity is given to this but there were other scares in the past.
    Surely this stuff was deliberately planted by one of the failing A/V companies to boost sales of their products !!!!
    I'm sure you can think of a few likely culprits !!!

    Nice to see Putin got irked off -- after all he's always maintained that Mathematics, Engineering and Computing were Russia's greatest strengths - especially Computers - and they've probably suffered the most -- wonder if it was because of the number of "Pirate" windows systems that might exist over there. I'd hate to be at a Russian security agency meeting when Putin's complaining the NSA has better scientists than he has --even if the USA's security is about as good as using a sieve as a boat.

    I see the UK is beginning to play the Blame game too --perhaps Mrs May will set up a "National Blame Agency" with the CEO being paid around 300,000 EUR / USD a year !!!! --- reports are saying NHS in the UK had the fix in MARCH but a lot of the Hospital trusts didn't apply it --- now surely that's NOT MONEY -- the people at the top should have insisted that these fixes were applied - still bet nobody at the top loses their job.

    Cheers
    Jimbo
      My ComputerSystem Spec

  •    15 May 2017 #69

    jimbo45 said: View Post
    Surely this stuff was deliberately planted by one of the failing A/V companies to boost sales of their products !!!!
    I'm sure you can think of a few likely culprits !!!

    Nice to see Putin got irked off -- after all he's always maintained that Mathematics, Engineering and Computing were Russia's greatest strengths - especially Computers - and they've probably suffered the most -- wonder if it was because of the number of "Pirate" windows systems that might exist over there. I'd hate to be at a Russian security agency meeting when Putin's complaining the NSA has better scientists than he has --even if the USA's security is about as good as using a sieve as a boat.

    I see the UK is beginning to play the Blame game too --perhaps Mrs May will set up a "National Blame Agency" with the CEO being paid around 300,000 EUR / USD a year !!!!

    Cheers
    Jimbo
    That's already politics and yet another reason to be mistrusted. Who knows what else is cooking behind the curtains, this is just one that run away.
      My ComputersSystem Spec


  •  
    Page 7 of 11 FirstFirst ... 56789 ... LastLast

    Related Threads
    Read more: Today's leading causes of DDoS attacks | ZDNet
    Source: Windows 10: protection, detection, and response against recent Depriz malware attacks Microsoft Malware Protection Center
    Multi-Vector DDoS Attacks Are Becoming the Norm 47% of all multi-vector DDoS attacks were launched in Q4 '15 72430 Read more: http://news.softpedia.com/news/multi-vector-ddos-attacks-are-becoming-the-norm-502416.shtml
    Our Sites
    Site Links
    About Us
    Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

    © Designer Media Ltd
    All times are GMT -5. The time now is 16:12.
    Find Us