Microsoft discovered the WannaCrypt (also called WannaCry or WCry) ransomware attack fairly early on May 12, 2017 (US time), according to a blog post.
"We detected a new ransomware that spreads like a worm by leveraging vulnerabilities that have been previously fixed. While security updates are automatically applied in most computers, some users and enterprises may delay deployment of patches. Unfortunately, the malware, known as WannaCrypt, appears to have affected computers that have not applied the patch for these vulnerabilities. While the attack is unfolding, we remind users to install MS17-010 if they have not already done so," the blog post states.
The company has also taken the unprecedented step of issuing a patch for unsupported versions of Windows, as detailed in another blog post.
"Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. This blog spells out the steps every individual and business should take to stay protected. Additionally, we are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today," stated the post.
"Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download."
Interested?
Download the patch for Windows XP, Windows 8, and Windows Server 2003
Read the Microsoft blog post about how the ransomware spread
Read the MalwareTech blog post on how registering a command and control domain name stopped the ransomware in its tracks. Editor's note: While this was a very happy accident, there is no guarantee that future ransomware attacks can be stopped the same way.
Read the TechTrade Asia blog post about Kaspersky Lab naming ransomware its security story of the year for 2016
No comments:
Post a Comment