Page 7 of 11 FirstFirst ... 56789 ... LastLast
  1.    15 May 2017 #61
    Join Date : Dec 2013
    Portsmouth Hampshire
    Posts : 1,826
    Windows 10 x86 14383 Insider Pro and Core 10240

    Don't tell them, point them here:

    Microsoft Update Catalog)

    Click image for larger version. 

Name:	image.png 
Views:	7 
Size:	208.7 KB 
ID:	135089

    then get them to download and run the relevant patch for their system before any emails are looked at.

    If you are patched for this SMB exploit, then expect that any copycat SMB-based exploits are likely to fail until a new vulnerability is exploited - the patch itself may have vulnerabilities!
      My ComputersSystem Spec
  2.    15 May 2017 #62
    Join Date : Oct 2013
    Newport, South Wales, UK
    Posts : 1,807
    Windows 10 Pro x64 FCU - XP/Vista/Win7/Win8.1 in VM for testing

    I would tell them to make sure they have patched their system and not use it until they do. but then again I was a system administrator for many years
      My ComputerSystem Spec
  3.    15 May 2017 #63
    Join Date : Aug 2015
    Posts : 611
    W10 Home 1703

    Well, appreciated gentleman.
    I understand that we can not talk about how to build a nuclear bomb in this public forum.
    I'll find it.
      My ComputerSystem Spec
  4.    15 May 2017 #64
    Join Date : Jan 2014
    Posts : 1,391
    Windows 10 Pro (32-bit) 16299.15

    Quote Originally Posted by Barman58 View Post
    Microsoft has also released fixes for the vulnerability for unsupported OS's such at XP Vista and several server systems.
    I think Vista was still in support at the time the fix was released (in March), so Vista users should have been able to get the patch already and would already have it if Windows Update was switched on and working. I don't think Microsoft issued an additional patch for Vista at the weekend.

    Quote Originally Posted by Barman58 View Post
    Windows 10 has never had the vulnerability
    I'm confused by the status of Windows 10, as my reading of the Technet article on MS17-010 was that Windows 10 was affected. But I also read something saying Windows 10 was immune.

    I did wonder if this particular WannaCrypt code didn't work on Windows 10, but another malware variety could use the same vulnerability to attack unpatched Windows 10 systems? Can anyone clarify this?
      My ComputerSystem Spec
  5.    15 May 2017 #65
    Join Date : Oct 2013
    Newport, South Wales, UK
    Posts : 1,807
    Windows 10 Pro x64 FCU - XP/Vista/Win7/Win8.1 in VM for testing

    David, I see what you mean, confusing it is, only thing I notice is that it only goes up to 1607 so that may mean that the patch was baked into the CU on release which was where the confusion could have started
      My ComputerSystem Spec
  6.    15 May 2017 #66
    Join Date : Oct 2014
    Posts : 2,457
    W10 Pro + W10 Preview

    All these suppositions suggesting new variants are about to be released is pure conjecture.

    You can bet your bottom dollar that with virtually every law enforcement agency in the World on the hunt for the ransomware attackers, they will be keeping a very low profile, in all probability wearing brown trousers.
      My ComputersSystem Spec
  7.    15 May 2017 #67
    Join Date : Jul 2014
    Serbia
    Posts : 10,427
    W10 Insider + Linux

    Quote Originally Posted by dencal View Post
    All these suppositions suggesting new variants are about to be released is pure conjecture.

    You can bet your bottom dollar that with virtually every law enforcement agency in the World on the hunt for the ransomware attackers, they will be keeping a very low profile, in all probability wearing brown trousers.
    It's good thing so much publicity is given to this but there were other scares in the past.
      My ComputersSystem Spec
  8.    15 May 2017 #68

    Quote Originally Posted by DavidY View Post
    It turns out that this stopped me accessing my old NAS drive (at least the way I've been using it) so I've been going round turning SMB1 back on again.

    I should perhaps have thought of that and tested it before switching it off in multiple places.

    Oh, and it turns out that when you switch Features like this back on again, it uses Windows Update, so on a laptop where Windows Update is broken, it's not so straightforward to switch on again. Luckily Shawn's tutorial to Reset Windows Update worked, although even then I had a struggle to kill off the service to run the tutorial.

    @DavidY

    Hi there
    On the SAMBA config on your NAS box set it to SMB2 or 3 - then that should allow you to remove SMB1 from Windows.

    Do it in the GLOBAL section --file is called smb.conf and usually exists in folder /etc/samba
    ..........................
    [global]
    max protocol = SMB3
    # can set it to SMB2 if you want experimental SMB2 support.
    #
    workgroup = WORKGROUP
    server string = Samba Server Version %v

    ; max protocol = SMB2

    log file = /var/log/samba/log.%m
    max log size = 50
    security = user
    passdb backend = tdbsam
    name resolve order = bcast host lmhosts wins


    .....................................................

    You need to restart the smb and nmb (or depending on your system - might be called smbd and nmbd) services - or probably better re-boot the NAS server.

    Check with (as root or sudo user) that the config file is OK with TESTPARM.

    Another idea is to password protect the access -- use (again as root) smbpasswd -a user (user = username you wish to use).
    you'll get prompted for a password on the console --just enter it.

    You might on a remote TV / Firestick if you need to access files on the server have to enter a password to re-connect again. I'm though using KODI on an amazon firestick for accessing multi-media -- it also required a 1 time password entry after I'd made the changes.

    Test on 1 Windows client box (or a laptop) first before changing a whole slew of computers -- It's AGES since I was messing around with this so you might need to incorporate some other windows changes too.

    Here's info on enabling / disabling SMB2/3 for W2012 server -- works also for W10 but check also for updates

    https://support.microsoft.com/en-us/...ws-server-2012

    Cheers
    jimbo
      My ComputerSystem Spec
  9.    15 May 2017 #69

    Quote Originally Posted by CountMike View Post
    It's good thing so much publicity is given to this but there were other scares in the past.
    Surely this stuff was deliberately planted by one of the failing A/V companies to boost sales of their products !!!!
    I'm sure you can think of a few likely culprits !!!

    Nice to see Putin got irked off -- after all he's always maintained that Mathematics, Engineering and Computing were Russia's greatest strengths - especially Computers - and they've probably suffered the most -- wonder if it was because of the number of "Pirate" windows systems that might exist over there. I'd hate to be at a Russian security agency meeting when Putin's complaining the NSA has better scientists than he has --even if the USA's security is about as good as using a sieve as a boat.

    I see the UK is beginning to play the Blame game too --perhaps Mrs May will set up a "National Blame Agency" with the CEO being paid around 300,000 EUR / USD a year !!!! --- reports are saying NHS in the UK had the fix in MARCH but a lot of the Hospital trusts didn't apply it --- now surely that's NOT MONEY -- the people at the top should have insisted that these fixes were applied - still bet nobody at the top loses their job.

    Cheers
    Jimbo
      My ComputerSystem Spec
  10.    15 May 2017 #70
    Join Date : Jul 2014
    Serbia
    Posts : 10,427
    W10 Insider + Linux

    Quote Originally Posted by jimbo45 View Post
    Surely this stuff was deliberately planted by one of the failing A/V companies to boost sales of their products !!!!
    I'm sure you can think of a few likely culprits !!!

    Nice to see Putin got irked off -- after all he's always maintained that Mathematics, Engineering and Computing were Russia's greatest strengths - especially Computers - and they've probably suffered the most -- wonder if it was because of the number of "Pirate" windows systems that might exist over there. I'd hate to be at a Russian security agency meeting when Putin's complaining the NSA has better scientists than he has --even if the USA's security is about as good as using a sieve as a boat.

    I see the UK is beginning to play the Blame game too --perhaps Mrs May will set up a "National Blame Agency" with the CEO being paid around 300,000 EUR / USD a year !!!!

    Cheers
    Jimbo
    That's already politics and yet another reason to be mistrusted. Who knows what else is cooking behind the curtains, this is just one that run away.
      My ComputersSystem Spec

 
Page 7 of 11 FirstFirst ... 56789 ... LastLast


Similar Threads
Thread Forum
Today's leading causes of DDoS attacks
Read more: Today's leading causes of DDoS attacks | ZDNet
Windows 10 News
Windows 10: protection against recent Depriz malware attacks
Source: Windows 10: protection, detection, and response against recent Depriz malware attacks Microsoft Malware Protection Center
Windows 10 News
Multi-Vector DDoS Attacks Are Becoming the Norm
Multi-Vector DDoS Attacks Are Becoming the Norm 47% of all multi-vector DDoS attacks were launched in Q4 '15 72430 Read more: http://news.softpedia.com/news/multi-vector-ddos-attacks-are-becoming-the-norm-502416.shtml
Windows 10 News
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 11:22.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums