Hackers Hit Dozens of Countries With a Stolen N.S.A. Tool
-
The tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen N.S.A. hacking tools online since last year. Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets — particularly hospitals — had yet to update their systems.
Aw.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
-
The tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen N.S.A. hacking tools online since last year. Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets — particularly hospitals — had yet to update their systems.
Aw.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
So I've been poking around trying to identify the specific security patch Microsoft released in March of this year to fix this problem. So far, I have been unable to do so. Does anyone know how to look at your Windows 7 and Xp machines to verify said patch is in place? A direct link is more than sufficient. thx
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
So I've been poking around trying to identify the specific security patch Microsoft released in March of this year to fix this problem. So far, I have been unable to do so. Does anyone know how to look at your Windows 7 and Xp machines to verify said patch is in place? A direct link is more than sufficient. thx
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
Given that both XP and W7 are no longer actively supported, there's a good chance that there is no such update. --edit; Microsoft Security Bulletin MS17-010 - Critical[^]; looks like it's for Vista and upwards.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
-
So I've been poking around trying to identify the specific security patch Microsoft released in March of this year to fix this problem. So far, I have been unable to do so. Does anyone know how to look at your Windows 7 and Xp machines to verify said patch is in place? A direct link is more than sufficient. thx
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
The tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen N.S.A. hacking tools online since last year. Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets — particularly hospitals — had yet to update their systems.
Aw.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
The hospitals had ample warning since the Ransom attack on a hospital in Los Angeles many moons ago, but apparently had no strategy in place in case of a similar attack. Time to get out the long knife and start firing incompetent administrators and IT professionals.:mad:
Get me coffee and no one gets hurt!
-
The tool was leaked by a group calling itself the Shadow Brokers, which has been dumping stolen N.S.A. hacking tools online since last year. Microsoft rolled out a patch for the vulnerability in March, but hackers apparently took advantage of the fact that vulnerable targets — particularly hospitals — had yet to update their systems.
Aw.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
Well, if you keep guns in your house and you're burgled... How lovely that the worst ever cyber attack is the fault of the NSA.
I wanna be a eunuchs developer! Pass me a bread knife!
-
Given that both XP and W7 are no longer actively supported, there's a good chance that there is no such update. --edit; Microsoft Security Bulletin MS17-010 - Critical[^]; looks like it's for Vista and upwards.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
Well - this is what I read: Microsoft had released a fix for that exploit a month before, in March, in security bulletin MS17-010. That security bulletin only included fixes for Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2012, and Windows Server 2016. But in true Microsoft form, they provide the exactly correct information in an unusable form. I've also read that Windows 10 machines were unaffected by WannaCry but the title above would imply otherwise. I admit it's vague. Time to update all of my VMs. Okay - more info - a bit more specific, might be useful to some:
Quote:
Windows 7: KB4019264: May Security Monthly Rollup for Windows 7 KB4015552: April Preview of Monthly Rollup for Windows 7 WE RECOMMEND: Click to free scan your PC for malware & improve performance KB4015549: April Security Monthly Rollup for Windows 7 KB4012215: March Security Monthly Rollup for Windows 7 KB4012212: March Security Only Quality Update for Windows 7 Windows 8.1: KB4019215: Security Monthly Rollup for Windows 8.1 KB4015553: April Preview of Monthly Rollup for Windows 8.1 KB4015550: April Security Monthly Rollup for Windows 8.1 KB4012216: March Security Monthly Rollup for Windows 8.1 KB4012213: March Security Update for Windows 8.1
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
Well, if you keep guns in your house and you're burgled... How lovely that the worst ever cyber attack is the fault of the NSA.
I wanna be a eunuchs developer! Pass me a bread knife!
???? and not Microsoft who elephanted security again? Or the criminals who actually released the attack? How about the people that leaked the classified info? I guess off to the soapbox we go... Or the administrators that cannot connect the dots? For large organizations there should be a dedicated individual / team who is point on these issues.
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
-
Given that both XP and W7 are no longer actively supported, there's a good chance that there is no such update. --edit; Microsoft Security Bulletin MS17-010 - Critical[^]; looks like it's for Vista and upwards.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^][](X-Clacks-Overhead: GNU Terry Pratchett)
As long as you've installed the service pack*, W7 is still in support for a bit more than two and a half more years (till Jan 2020[^]). *and didn't go "LALALALALAICANTHEARGYOULALALALALA" when MS said they'd be dropping support for W7/8.x on processors released after W10 came out; a threat they carried through on a month or two back unless you registry hack around it.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason? Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful? --Zachris Topelius Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies. -- Sarah Hoyt
-
???? and not Microsoft who elephanted security again? Or the criminals who actually released the attack? How about the people that leaked the classified info? I guess off to the soapbox we go... Or the administrators that cannot connect the dots? For large organizations there should be a dedicated individual / team who is point on these issues.
Charlie Gilley <italic>Stuck in a dysfunctional matrix from which I must escape... "Where liberty dwells, there is my country." B. Franklin, 1783 “They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
charlieg wrote:
not Microsoft who elephanted security again?
ms was unaware of this weapon, made by the NSA.
charlieg wrote:
Or the criminals who actually released the attack?
The criminals did not make the weapon, the NSA did. It's highly likely that the kind of person who goes into such criminal endeavours would not be able to make such a weapon. Etc, to any statement that tries to divert attention away from the fact that this "weapon of mass destruction" was created and "made available" by the very organisation that is supposed to be protecting people from such things. Quis custodiet ipsos custodes? No-one tough enough to keep them reined in and under control, that's quis.
I wanna be a eunuchs developer! Pass me a bread knife!