Wanna Cry ramsomware

[khazad]

So i just watched the Wan Show, and i didn't quite understand it, to be safe i don't have to download the latest windows update? Luke said that most people doesn't have their windows update activated, or do i need to have the latest update?

[Oshino Shinobu]

You should update just in case. The update that patched the EternalBlue exploit was released back in March, so if you updated from April to now you should be okay, but it won't hurt to update anyway. 

[khazad]

3 minutes ago, Oshino Shinobu said:

You should update just in case. The update that patched the EternalBlue exploit was released back in March, so if you updated from April to now you should be okay, but it won't hurt to update anyway. 

Alright thanks.

[TAHIRMIA]

I have not watched it yet but he probably meant that most people have disabled the W10 update service cuz of the forced update thing.

[Enderman]

1 minute ago, TAHIRMIA said:

I have not watched it yet but he probably meant that most people have disabled the W10 update service cuz of the forced update thing.

Yeah all the dumb people who can't be bothered for a few minutes a month and think disabling updates is good

[pagani123]

you should update or pay for malwarebytes both solve that problem. I just updated because of this exploit, I would really recommend it

[Foxxer]

1703 build boois.

[TAHIRMIA]

Just now, Enderman said:

Yeah all the dumb people who can't be bothered for a few minutes a month and think disabling updates is good

I've been tempted to cuz it takes a really long time but then they started to allow scheduling so I left it on.

1 minute ago, Maybach123 said:

you should update or pay for malwarebytes both solve that problem. I just updated because of this exploit, I would really recommend it

If updating fixes it why would people pay for Malwarebytes Pro

[Windows7ge]

I disabled windows updates. If Microsoft was nice enough to have:

Forced: Strictly Security Updates

Optional: OS optimization and menu changes

I'd just disable the optimization and menu changes but no. It's one giant bundle package to Microsoft and they don't care if you like your OS exactly the way it is. So I take the risks so my machine doesn't change without my permission.

 

Not to mention updates that change things other than security are more likely to make your applications stop working.

non-windows example: Java updated to V8U131 recently. Their update made my IPMI remote desktop sessions stop working. Telling me the connection to A LOCAL SERVER ON A PRIVATE NETWORK was no longer acceptable due to a weak signature key. Nothing I tried fixed it except rolling back the driver and disabling updates.

[dlink377]

Some places (in fact most of the sites i managed before), have a very low internet bandwidth. Most of them is only 1 Mbps - 2 Mbps at best, so any application that uses so much bandwidth needs to be disabled or blocked at firewall level.

 

I always block all windows update domains and windows store on router level, so updates will never be downloaded.

 

However, every sites is instructed to use wsusoffline tool to download the updates on one computer and install it on every computer. This method is not perfect, as you should use proper Windows provided tool (local windows update server).

[pagani123]

Just now, TAHIRMIA said:

If updating fixes it why would people pay for Malwarebytes Pro

I dont know just giving a second option. 

[2FA]

6 minutes ago, TAHIRMIA said:

I've been tempted to cuz it takes a really long time but then they started to allow scheduling so I left it on.

If updating fixes it why would people pay for Malwarebytes Pro

Because some people absolutely refuse to let Windows 10 update.

[WMGroomAK]

10 minutes ago, TAHIRMIA said:

I have not watched it yet but he probably meant that most people have disabled the W10 update service cuz of the forced update thing.

My take from the discussion is that on a corporate or business level, updates are disabled in order to allow for system admins to validate the update prior to mass deployment.  They also do this as well to prevent the updates from installing en mass at an inconvenient time, like when there is a high volume of access requests to a server.  

[TAHIRMIA]

Just now, WMGroomAK said:

My take from the discussion is that on a corporate or business level, updates are disabled in order to allow for system admins to validate the update prior to mass deployment.  They also do this as well to prevent the updates from installing en mass at an inconvenient time, like when there is a high volume of access requests to a server.  

 

Yh, it's more of a convenience sort of thing, But I think after this the validation is going to be done a lot quicker for most companies

[DrMacintosh]

15 minutes ago, TAHIRMIA said:

most people have disabled the W10 update service

This is a lie

[TAHIRMIA]

Just now, DrMacintosh said:

This is a lie

Some then!

[captain_to_fire]

26 minutes ago, khazad said:

So i just watched the Wan Show, and i didn't quite understand it, to be safe i don't have to download the latest windows update? Luke said that most people doesn't have their windows update activated, or do i need to have the latest update?

You should. Doesn't take that long. The risks are just way too serious to ignore Windows Update. While you're at it, you may want to consider switching to some other third party AVs. Only 30% of the AVs out there detected and blocked WannaCry even before the news broke.

Quote

Security experts point out that some antivirus software is capable of catching the Wanna Decryptor virus.

 

"This particular ransomware is correctly identified and blocked by 30% of the AV vendors using current virus definitions. It is correctly handled by both Kaspersky and BitDefender," said Phil Richards, the CISO at Ivanti.

 

[khazad]

10 minutes ago, hey_yo_ said:

You should. Doesn't take that long. The risks are just way too serious to ignore Windows Update. While you're at it, you may want to consider switching to some other third party AVs. Only 30% of the AVs out there detected and blocked WannaCry even before the news broke.

 

Yeah, i have malwarebytes pro.

[vorticalbox]

35 minutes ago, Windows7ge said:

I disabled windows updates. If Microsoft was nice enough to have:

Forced: Strictly Security Updates

Optional: OS optimization and menu changes

I'd just disable the optimization and menu changes but no. It's one giant bundle package to Microsoft and they don't care if you like your OS exactly the way it is. So I take the risks so my machine doesn't change without my permission.

 

Not to mention updates that change things other than security are more likely to make your applications stop working.

non-windows example: Java updated to V8U131 recently. Their update made my IPMI remote desktop sessions stop working. Telling me the connection to A LOCAL SERVER ON A PRIVATE NETWORK was no longer acceptable due to a weak signature key. Nothing I tried fixed it except rolling back the driver and disabling updates.

Microsoft need to split their upgrades from security. Security updates should be forced, upgrades optional.

[vorticalbox]

1 minute ago, khazad said:

Yeah, i have malwarebytes pro.

I have Linux lol

[khazad]

4 minutes ago, vorticalbox said:

I have Linux lol

[TAHIRMIA]

Just now, khazad said:

-SNIP-

 

As long as its safe from Wana Cry

[elis]

Does this Ransomware affect Windows 7 ?

[TAHIRMIA]

Just now, elis said:

Does this Ransomware affect Windows 7 ?

Yes, Unless you are all updated!

[elis]

Does it affect all local disks or only the one with the system ?