WannaCrypt ransomware: Microsoft issues emergency patch for Windows XP

WannaCrypt/WannaCry ransomware has affected Windows XP systems across the globe.
Image: Cisco Talos
安全意识电子邮件期刊
Microsoft has taken the unprecedented step of issuing patches for unsupported operating systems – like Windows XP – in the wake of the massive WannaCrypt ransomware attacks against organisations across the globe.
Businesses, governments and individuals in 74 countries across the globe have been victims of more than 45,000 attacks by this one strain of Ransomware in the space of just a few hours.
Wannacrypt ransomware demands $300 in Bitcoin for unlocking encrypted files – a price which doubles after three days. Users are also threatened with having all their files permanently deleted if the ransom isn’t paid in a week.
Hospitals across the UK have had systems knocked offline by the ransomware attack, with patient appointments cancelled and doctors and nurses resorting to pen and paper and NHS England declaring the cyberattack as a ‘major incident’ – a total of 45 NHS organisations are now own to be affected.
Cybersecurity researchers have suggested the ransomware attacks are so potent because they exploit a a known software flaw dubbed EternalBlue. This Windows flaw is one of many zero-days which was apparently known the NSA — before being leaked by the Shadow Brokers hacking collective. Microsoft released a patch for the vulnerability earlier this year – but only for the most recent operating systems.
One thing many of the targets have in common is that they’re running old Windows operating systems like Windows XP, Windows 8 and Windows Server 2003, which now only usually receive patches if the organisation using them is receiving special custom support.
真理是朴素的,改善信息安全,拒绝故弄玄虚,我要浅显易懂。
Also: Ransomware: These four industries are the most frequently attacked | Windows 10 tip: Keep unwanted software off PCs you support | Will your business be next? Customizable ransomware makes it easy for criminals to target organisations | Ransomware: An executive guide to one of the biggest menaces on the web
However, in order to ensure as many systems as possible are protected against WannaCrypt ransomware and other attacks, Microsoft has made security patches for Windows XP and other operating systems broadly available to download.

“This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind,” the company told customers in a blog post.
Customers can now download security updates for Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, and Windows 8 x64.
Microsoft is continuing to work with customers to provide assistance as the situation evolves.
In response to the attacks against the UK’s National Health Service, Home Secretary Amber Rudd is set to chair an emergency Cobra crisis-committee meeting to cordinate a government response to the incident.
Meanwhile,. The National Cyber Security Centre has issued a statement to say it is “working round the clock with UK and international partners and with private sector experts to lead the response to these cyber attacks”.
Ciaran Martin, CEO of the National Cyber Security Centre, said that in order to protect against this sort of attack, organisations should “make sure your security software patches are up to date” and “make sure that you are running proper anti-virus software”READ MORE ON CYBERCRIMERansomware: Why it’s a really big problem for small businessesNew dark web scheme lets wannabe cybercriminals get in on ransomware – for freeReport: Ransomware attacks grew 600% in 2016, costing businesses $1B [TechRepublic]Tell Bart and other ransomware families to ‘Eat my shorts’ with new, free decryption toolsHow Bitcoin helped fuel an explosion in ransomware attacks
信息安全是金融业信息科技的永恒主题,信息安全工作是一个系统工程,需要决策层、管理层、技术层通力配合,从安全制度建设和技术手段方面着手,加强信息安全意识的教育和培训,

猜您喜欢

“快意!安宣”只需三步发起安全意识宣教
网络安全知识宣传活动防范来自竞争者的高级持续性威胁
安全月安全生产教育动画片——小李的一天
欢乐颂关关华丽转身 变长腿女神惊呆张继科
SKYSONG AUTUMN-BENNETT
如何保障信息安全控制措施的有效性