WannaCry Ransomware attack is a worldwide global cyber-attack targeting Microsoft Windows operating systems. This malware infects the user’s computer when he/she opens a phishing email or malicious attachments that download the "WannaCrypt" software that encrypts the data on the computer and demands ransom payment via bitcoin currency. Once the payment has been made the data is supposed to be decrypted allowing the user to get back full control of the system, but in many cases, the decryption fails, leaving the data unrecoverable.
At present Microsoft Windows, operating systems starting from Windows XP to Windows 10 and Windows Server 2003 to Windows Server 2016 are all affected by this WannaCry vulnerability.
In March 2017, Microsoft released a security update to address the vulnerability that these attacks are exploiting. For systems that have automatic Windows updates enabled, this security update is pushed to those systems and installed, thus protecting the system from this vulnerability. Those organizations that have automatic Windows updates disabled, or performing those updates manually on a scheduled cadence and have not applied this security update should deploy Microsoft Security Bulletin MS17-010 immediately.
If one of updates from the below table is installed on the system, the system is protected. March, April and May monthly rollups also includes all previous updates including March security update.
|Operating System||2017 March (Security Only)||2017 May (Monthly Quality)||Independent Update||Download Link|
|Windows Server 2003 / 2003 R2||NA||NA||KB4012598||http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598|
|Windows Server 2008||NA||NA||KB4012598||http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598|
|Windows Server 2008 R2||KB4012212||KB4019264||NA||
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012212 – Security Only
|Windows Server 2012||KB4012214||KB4019216||NA||http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012214 – Security Only
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4019216 – Monthly Roll-up
|Windows Server 2012 R2||KB4012213||KB4019215||NA||http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012213 – Security Update
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4019215 – Monthly Roll-up
|Windows Server 2016||NA||KB4019472||NA||http://www.catalog.update.microsoft.com/Search.aspx?q=KB4019472 – Monthly Roll-up|
Table 1: WannaCry Ransomware Vulnerability
Article ID: SLN311037
Last Date Modified: 08/17/2018 05:29 AM
Thank you for your feedback.