Ransomware attacks reported on Windows machines internationally

Page 7 of 11 FirstFirst ... 56789 ... LastLast

  1. Posts : 1,983
    Windows 10 x86 14383 Insider Pro and Core 10240
       #60

    Don't tell them, point them here:

    Microsoft Update Catalog)

    Ransomware attacks reported on Windows machines internationally-image.png

    then get them to download and run the relevant patch for their system before any emails are looked at.

    If you are patched for this SMB exploit, then expect that any copycat SMB-based exploits are likely to fail until a new vulnerability is exploited - the patch itself may have vulnerabilities!
      My Computers


  2. Posts : 4,201
    Windows 10 Pro x64 Latest RP
       #61

    I would tell them to make sure they have patched their system and not use it until they do. but then again I was a system administrator for many years
      My Computers


  3. TV2
    Posts : 2,221
    W10 Pro 22H2
       #62

    Well, appreciated gentleman.
    I understand that we can not talk about how to build a nuclear bomb in this public forum.
    I'll find it.
      My Computers


  4. Posts : 1,524
    Windows 10 Pro (32-bit) 16299.15
       #63

    Barman58 said:
    Microsoft has also released fixes for the vulnerability for unsupported OS's such at XP Vista and several server systems.
    I think Vista was still in support at the time the fix was released (in March), so Vista users should have been able to get the patch already and would already have it if Windows Update was switched on and working. I don't think Microsoft issued an additional patch for Vista at the weekend.

    Barman58 said:
    Windows 10 has never had the vulnerability
    I'm confused by the status of Windows 10, as my reading of the Technet article on MS17-010 was that Windows 10 was affected. But I also read something saying Windows 10 was immune.

    I did wonder if this particular WannaCrypt code didn't work on Windows 10, but another malware variety could use the same vulnerability to attack unpatched Windows 10 systems? Can anyone clarify this?
      My Computer


  5. Posts : 4,201
    Windows 10 Pro x64 Latest RP
       #64

    David, I see what you mean, confusing it is, only thing I notice is that it only goes up to 1607 so that may mean that the patch was baked into the CU on release which was where the confusion could have started
      My Computers


  6. Posts : 3,105
    W10 Pro + W10 Preview
       #65

    All these suppositions suggesting new variants are about to be released is pure conjecture.

    You can bet your bottom dollar that with virtually every law enforcement agency in the World on the hunt for the ransomware attackers, they will be keeping a very low profile, in all probability wearing brown trousers.
      My Computers


  7. Posts : 19,516
    W11+W11 Developer Insider + Linux
       #66

    dencal said:
    All these suppositions suggesting new variants are about to be released is pure conjecture.

    You can bet your bottom dollar that with virtually every law enforcement agency in the World on the hunt for the ransomware attackers, they will be keeping a very low profile, in all probability wearing brown trousers.
    It's good thing so much publicity is given to this but there were other scares in the past.
      My Computers


  8. Posts : 11,247
    Windows / Linux : Arch Linux
       #67

    DavidY said:
    It turns out that this stopped me accessing my old NAS drive (at least the way I've been using it) so I've been going round turning SMB1 back on again.

    I should perhaps have thought of that and tested it before switching it off in multiple places.

    Oh, and it turns out that when you switch Features like this back on again, it uses Windows Update, so on a laptop where Windows Update is broken, it's not so straightforward to switch on again. Luckily Shawn's tutorial to Reset Windows Update worked, although even then I had a struggle to kill off the service to run the tutorial.

    @DavidY

    Hi there
    On the SAMBA config on your NAS box set it to SMB2 or 3 - then that should allow you to remove SMB1 from Windows.

    Do it in the GLOBAL section --file is called smb.conf and usually exists in folder /etc/samba
    ..........................
    [global]
    max protocol = SMB3
    # can set it to SMB2 if you want experimental SMB2 support.
    #
    workgroup = WORKGROUP
    server string = Samba Server Version %v

    ; max protocol = SMB2

    log file = /var/log/samba/log.%m
    max log size = 50
    security = user
    passdb backend = tdbsam
    name resolve order = bcast host lmhosts wins


    .....................................................

    You need to restart the smb and nmb (or depending on your system - might be called smbd and nmbd) services - or probably better re-boot the NAS server.

    Check with (as root or sudo user) that the config file is OK with TESTPARM.

    Another idea is to password protect the access -- use (again as root) smbpasswd -a user (user = username you wish to use).
    you'll get prompted for a password on the console --just enter it.

    You might on a remote TV / Firestick if you need to access files on the server have to enter a password to re-connect again. I'm though using KODI on an amazon firestick for accessing multi-media -- it also required a 1 time password entry after I'd made the changes.

    Test on 1 Windows client box (or a laptop) first before changing a whole slew of computers -- It's AGES since I was messing around with this so you might need to incorporate some other windows changes too.

    Here's info on enabling / disabling SMB2/3 for W2012 server -- works also for W10 but check also for updates

    https://support.microsoft.com/en-us/...ws-server-2012

    Cheers
    jimbo
      My Computer


  9. Posts : 11,247
    Windows / Linux : Arch Linux
       #68

    CountMike said:
    It's good thing so much publicity is given to this but there were other scares in the past.
    Surely this stuff was deliberately planted by one of the failing A/V companies to boost sales of their products !!!!
    I'm sure you can think of a few likely culprits !!!

    Nice to see Putin got irked off -- after all he's always maintained that Mathematics, Engineering and Computing were Russia's greatest strengths - especially Computers - and they've probably suffered the most -- wonder if it was because of the number of "Pirate" windows systems that might exist over there. I'd hate to be at a Russian security agency meeting when Putin's complaining the NSA has better scientists than he has --even if the USA's security is about as good as using a sieve as a boat.

    I see the UK is beginning to play the Blame game too --perhaps Mrs May will set up a "National Blame Agency" with the CEO being paid around 300,000 EUR / USD a year !!!! --- reports are saying NHS in the UK had the fix in MARCH but a lot of the Hospital trusts didn't apply it --- now surely that's NOT MONEY -- the people at the top should have insisted that these fixes were applied - still bet nobody at the top loses their job.

    Cheers
    Jimbo
      My Computer


  10. Posts : 19,516
    W11+W11 Developer Insider + Linux
       #69

    jimbo45 said:
    Surely this stuff was deliberately planted by one of the failing A/V companies to boost sales of their products !!!!
    I'm sure you can think of a few likely culprits !!!

    Nice to see Putin got irked off -- after all he's always maintained that Mathematics, Engineering and Computing were Russia's greatest strengths - especially Computers - and they've probably suffered the most -- wonder if it was because of the number of "Pirate" windows systems that might exist over there. I'd hate to be at a Russian security agency meeting when Putin's complaining the NSA has better scientists than he has --even if the USA's security is about as good as using a sieve as a boat.

    I see the UK is beginning to play the Blame game too --perhaps Mrs May will set up a "National Blame Agency" with the CEO being paid around 300,000 EUR / USD a year !!!!

    Cheers
    Jimbo
    That's already politics and yet another reason to be mistrusted. Who knows what else is cooking behind the curtains, this is just one that run away.
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 17:47.
Find Us




Windows 10 Forums