WannaCrypt also termed as WannaCry and Wcry or Wcrypt, has already caused massive damage worldwide through its NSA-powered ransomware. The ransomware has reportedly attacked businesses, hospitals, railways stations, universities and many other organizations inflicting a major devastation.
WannaCrypt ransomware targets outdated systems
A common observation among the targeted systems is that many of them were running older Windows operating systems like Windows XP, Windows 8 and Windows Server 2003. Such systems usually do not get Microsoft support unless the organization using them opt for special custom support.
Microsoft releases Patches for Windows XP, etc
To counter this emergency situation and spread of the malware, Microsoft has released emergency fixes in the form of security patches to defend against the malware. The company even released WannaCrypt Patches for the unsupported versions of Windows OS, such as Windows XP, Windows 8 and Windows Server 2003, as well as for the supported platforms.
Describing this emergency step as highly unusual one, Microsoft said that it is providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003.
Customers running Windows 10 were not targeted by the attack, said the company.
Patch your Windows OS right now!
For those who are still running older Windows versions, it’s time that you should patch immediately. Moving to the latest Windows version is also a good idea as Microsoft says that Windows 10 isn’t targeted.
Users who have enabled Windows Update are already protected as they will receive patch automatically. For customers using Windows Defender, Microsoft has already released an update which detects the threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider, that they are protected.
In case you are not able to install the patch on your PC, try following options,
- Disable SMBv1 with the steps documented at Microsoft Knowledge Base Article 2696547
- Add a rule on your router or firewall to block incoming SMB traffic on port 445
If you are lucky to haven’t been infected, make sure your security patches are up to date. Start by killing off the SMBv1, and block access to it from outside your network. As you know that there are patches already available for the malware codes, so there’s no excuse for getting caught out as a private user.
Remember to initiate the security steps urgently, as WannaCry ransomware demands $300 Bitcoin for unlocking encrypted files and the amount doubles after three days. Once infected, you are likely to receive threats that your files may be deleted permanently if the ransom is not paid within a week.
To get the download links and more information, visit this Technet post. Security patches are available for Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64.