This website uses cookies for your security, to remember your display preferences, and other cookies may be set by our advertising partners and services. You may choose not to accept any cookies, but parts of the site will not work. To find out more about cookies on this website, see our privacy policy.
I accept cookies from this site, its partners and services > >

Ransomware **Updated**

A destructive ransomware attack is affecting Microsoft Windows computers all over the world.

 

Spread by infected Word documents, PDFs or other files, commonly attached to emails, the malware can infect all the computers it finds connected to the same network using unpatched operating system vulnerabilities.

 

Known variously as WanaCrypt0r 2.0, Wanna Decryptor aka Wcry aka WanaCrypt aka WannaCrypt, the malware will encrypt all the files it finds on a computer and then ask for a ransom to be paid (usually in Bit-coin) to have the files decrypted again.

 

Some high profile organizations have already been infected, including several UK NHS Trusts, Telefonica, Vodafone and Iberdrola in Spain, and reports have been received about universities in Italy being hit as well.

 

Microsoft claims to have patched the vulnerability used to initiate the infections on 14th March 2017 - so if you haven't patched your systems yet - we advise you to get them up-to-date as quickly as possible and make sure your anti-virus definitions and software are also updated and current.

 

Known operating system level patches are available for the following operating systems:

  • Microsoft Windows Vista SP2
  • Windows Server 2008 SP2 y R2 SP1
  • Windows 7
  • Windows 8.1
  • Windows RT 8.1
  • Windows Server 2012 y R2
  • Windows 10
  • Windows Server 2016

If you are unable to apply patches for any reason, you may be able to mitigate the infection to some extent by blocking ports 137 y 138 UDP and ports 139 y 445 TCP at the firewall. This will not stop an individual computer getting infected from a malicious file included in an email, but may stop the malware spreading or communicating back to it's command and control servers.

 

It may also be a good time to review your backup solutions and ensure you have up-to-date backups, and that they actually can be restored !

 

**Updated**
Due tio the seriousness of this infection and the impact it is having on older networks,Microsoft has released patches for older Operating systems going back to XP. You can get more information from the MSRC blog, and patch downloads are available from http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598 ( this site is terribly overloaded at time of writing so you may have to be patient and keep retrying)

 

 

As always, if you require any assistance or further information, please do not hesitate to contact Technology Services RPVW.S.L. or just use the contact form on this website.

May 12, 2017
Comments

 

 


chars max: 1000
chars min: 10

Captcha

captchaPlease input letters you see on the image.
Click on image to redraw.

Advertisers Area
Cookies will be set on Log-In
Username:
Password:
Forgot password? Register