You have probably heard the news over the weekend of NHS and other major computer systems around the world being exploited by a cyber attack called WannaCry.
WannaCry uses the ETERNALBLUE vunerability in some versions of Windows operating system.
SchemeServe servers were already updated to protect against ETERNALBLUE but its important to note that it was less than 28 days between the availability of the update and the attack by WannaCry. This means that anyone with an update cycle less than 28 days, most organisations only update monthly, could still be at risk.
I take this opportunity to remind everyone to keep their PCs updated to the latest security versions as they become available, make sure your antivirus is also updated and, crucially, turned on.
Call our Obsessive Support if you need help or advice.
Some Mitigations for WannaCry
- Apply patches for MS17-010 (ETERNALBLUE and DOUBLEPULSAR)
- Create a named mutex “MsWinZonesCacheCounterMutexA” (ref:https://twitter.com/gN3mes1s/status/863149075159543808)
- Filter all SMB (TCP/445), NetBIOS (TCP/139), and RDP (TCP/3389)