Near all WannaCry ransomware infected users were running Windows 7

[NTDaws]

3 hours ago, vorticalbox said:

is it open to the internet or has port 445 forwarded from your router to the server? If not it was never going to get infected b

Open worldwide.

[UglyDuckiling]

Won't be long until that tool is developed further and is able to take on Windows 10, these people have no lives that do this and these people are the wrong hands..

[vanished]

Interesting, this is something I wondered since it was announced.  TBH, this is surprising, but not extremely so.  I expected the numbers for XP would be very high, considering it wasn't protected at all, and I theorized this would just jump from one company's obsolete PC system to another, wiping out everything, but I guess it wasn't companies after all... or at least, if it was, they weren't quite as out of date as I thought.  I would now be interested to see the breakdown of business PCs vs home users, if that's possible, since after some thought, this makes a lot of sense.  After all, the same people who would refuse Windows 10 and stay on Windows 7 tend also to be the ones who turn off updates altogether and insodoing invite problems like this.

[H0R53]

21 hours ago, ThatGuyWhoTwirlsHisPen said:

Literally copy paste from wikipedia with no link to the wiki article. It also has no relevance to who you are replying to.

Actually I edited out the ref tags and removed link formatting, and it doesn't matter because it's informative. smh

[LAwLz]

1 minute ago, Ryan_Vickers said:

Interesting, this is something I wondered since it was announced.  TBH, this is surprising, but not extremely so.  I expected the numbers for XP would be very high, considering it wasn't protected at all, and I theorized this would just jump from one company's obsolete PC system to another, wiping out everything, but I guess it wasn't companies after all... or at least, if it was, they weren't quite as out of date as I thought.  I would now be interested to see the breakdown of business PCs vs home users, if that's possible, since after some thought, this makes a lot of sense.  After all, the same people who would refuse Windows 10 and stay on Windows 7 tend also to be the ones who turn off updates altogether and insodoing invite problems like this.

It's most likely 90% businesses and 10% home users.

Home users are/were protected thanks to NAT and not having many computers on the network (or joining/leaving the network all the time).

[Ezio Auditore]

What about me using windows 98

[ARikozuM]

12 hours ago, Ezio Auditore said:

What about me using windows 98

While I could see why you'd be in danger, I don't see how 32MB of data would be beneficial to the hackers...

Spoiler

Joking. 

 

[leadeater]

7 hours ago, ARikozuM said:

While I could see why you'd be in danger, I don't see how 32MB of data would be beneficial to the hackers...

  Reveal hidden contents

Joking. 

 

[vanished]

10 hours ago, ARikozuM said:

While I could see why you'd be in danger, I don't see how 32MB of data would be beneficial to the hackers...

  Hide contents

Joking. 

 

I'll have you know we had a Win 98 machine with a 1, 2, and massive 8 GB HDD  

[You_are_a_cunt]

*laughs in Windows 10 "forced" updates*

[Bananasplit_00]

On 2017-05-19 at 8:47 PM, GoodBytes said:

It was patched! All Windows versions. Vista included. (XP also got the patch but not in advance). Windows 7 got it well over a month in advance. People have Windows Update disabled. I suspect those on Windows 10 who got infected, also disabled Windows Updates in some fashion.

i tend to nuke it with some regestry trickery, as well as most of these "smart" features that fuck up my day like active hours and shit but i tend to update the OS myself from time to time or whenever there is a big secutiry patch. i got the march version as soon as i could for example.

 

On 2017-05-19 at 8:50 PM, GoodBytes said:

many people follow the "If it works, I don't update" mentality, which is wrong.

this is why i was laughing uncontrolably once this shit hit, knowing it had been patched quite a while back. sure it sucks, but if you dont update to a major security patch then you are just waiting to get rekt.

[SCHISCHKA]

i wonder how bad china was hit

[mr moose]

22 minutes ago, SCHISCHKA said:

i wonder how bad china was hit

we'll never really know, they are really good at hiding embarrassing tech issues.

[leadeater]

4 minutes ago, mr moose said:

we'll never really know, they are really good at hiding embarrassing tech issues.

I heard no computers were infected at all 

China PR team.

[mr moose]

Just now, leadeater said:

I heard no computers were infected at all 

And neither was their bullet train...  or their space program...       Really good at hiding stuff, like the bodies of CIA informants.

[captain_to_fire]

On 5/20/2017 at 2:36 AM, NCIX Lampy said:

Any Linux users infected/touched by WannaCry? Or was it just Windows aimed entirely? 

Linux is also vulnerable 

 

[dalekphalm]

4 hours ago, hey_yo_ said:

Linux is also vulnerable

-snip-

Your post is misleading.

 

Wine is vulnerable. A Linux distro not running Wine should be totally safe from infection.

 

Note: this does not prevent a Linux file server from becoming encrypted by an infected Windows Machine, or from passing infected files to a Windows Machine.

[Michael McAllister]

On 5/19/2017 at 11:32 AM, weed said:

Shit. I run Windows 7 Ultimate on my Desktop and laptop.

 

If you regularly patch your machine, you should be fine.  You should disable SMBv1 though.  SMBv1 only.  On Windows 8.1 and later, you can completely uninstall SMBv1 quite easily.

[LAwLz]

2 hours ago, dalekphalm said:

Your post is misleading.

 

Wine is vulnerable. A Linux distro not running Wine should be totally safe from infection.

 

Note: this does not prevent a Linux file server from becoming encrypted by an infected Windows Machine, or from passing infected files to a Windows Machine.

It's worth adding that Samba was/is not vulnerable to the same SMB exploit either, so the only way to get infected on GNU/Linux is if you did these steps:

1) Installed Wine.

2) Manually downloaded WannaCry (it would not spread to the machine automatically).

3) Manually ran WannaCry (it could not execute automatically).

 

 

[SCHISCHKA]

7 minutes ago, LAwLz said:

It's worth adding that Samba was/is not vulnerable to the same SMB exploit either, so the only way to get infected on GNU/Linux is if you did these steps:

1) Installed Wine.

2) Manually downloaded WannaCry (it would not spread to the machine automatically).

3) Manually ran WannaCry (it could not execute automatically).

 

 

mount home partition with the noexec flag. remove the possibility to get tricked.

[Prysin]

On 2017-5-19 at 8:28 PM, Coaxialgamer said:

Interesting . Don't know what to make of it though.

there is just one thing to make of it; forced updates works. And the only reason whe hate forced updates is because it breaks shit without warning, especially in business, where software is usually total piece of crap code made by interns 20 years ago.

[Notional]

So people with a 7 year old OS got infected? What a big surprise.

[ARikozuM]

7 hours ago, Prysin said:

there is just one thing to make of it; forced updates works. And the only reason whe hate forced updates is because it breaks shit without warning, especially in business, where software is usually total piece of crap code made by interns 20 years ago.

If a business doesn't have proper backups and images, they aren't doing it right. You can easily revert a machine with an image or System Restore and having your data off-site and on-site is standard operating protocol for any business size. 

[LAwLz]

7 hours ago, Prysin said:

there is just one thing to make of it; forced updates works. And the only reason whe hate forced updates is because it breaks shit without warning, especially in business, where software is usually total piece of crap code made by interns 20 years ago.

I would not be so quick to jump to conclusions.

Here is another perfectly legitimate explanation.

 

Home users were protected thanks to things like NAT. If a home users got infected then chances are it would only infect maybe 2-3 computers. Not a big deal when you think of the hundreds of thousands of computers that got infected.

Corporate networks however, where you got a lot of computers, and possibly people leaving/entering the network often, connecting remotely, publicly reachable machines and so on, they were far more vulnerable and contributed a much larger percentage to the total amount of infections.

And what is the most widely used version of Windows for corporations? Windows 7.

So the most popular OS, widely used by the most vulnerable group of computers was the one with most infections. That should not really be a surprise, and it does not have anything to do with forced updates.

 

Microsoft also claims that Windows 10 was never vulnerable (I have not confirmed this and I would not trust Microsoft on the issue) so if that's true then it had nothing to do with updates.

 

And on top of all that, companies don't have forced updates. You can turn updates off in the Enterprise version, and they usually run their own WSUS setup.

[Prysin]

On 23/05/2017 at 5:37 PM, LAwLz said:

I would not be so quick to jump to conclusions.

Here is another perfectly legitimate explanation.

 

Home users were protected thanks to things like NAT. If a home users got infected then chances are it would only infect maybe 2-3 computers. Not a big deal when you think of the hundreds of thousands of computers that got infected.

Corporate networks however, where you got a lot of computers, and possibly people leaving/entering the network often, connecting remotely, publicly reachable machines and so on, they were far more vulnerable and contributed a much larger percentage to the total amount of infections.

And what is the most widely used version of Windows for corporations? Windows 7.

So the most popular OS, widely used by the most vulnerable group of computers was the one with most infections. That should not really be a surprise, and it does not have anything to do with forced updates.

 

Microsoft also claims that Windows 10 was never vulnerable (I have not confirmed this and I would not trust Microsoft on the issue) so if that's true then it had nothing to do with updates.

 

And on top of all that, companies don't have forced updates. You can turn updates off in the Enterprise version, and they usually run their own WSUS setup.

well technically, W10 wouldnt be vulnerable, because unless you never plugged the PC onto the net, you'd have gotten that update wether you wanted it or not by now.