SoylentNews is people
SoylentNews
[Update at 20170515_022452 UTC: Instructions for what to do on each affected version of Windows can be found at: https://www.askwoody.com/2017/how-to-make-sure-you-wont-get-hit-by-wannacrywannacrypt/ -- I've had excellent luck in the past following his advice on when and how to update Windows. Clear, hands-on instructions are a big win in my book. --martyb]
Previously: "Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS.
tl;dr: If you have not already patched your Windows computer(s), you may be at risk from a new variant of the WannaCrypt ransomware worm which lacks a kill switch and was seen over the weekend. Sysadmins are preparing for a busy Monday when countless other users return to work and boot up their PC.
WannaCrypt (aka WCry), is a ransomware worm that wreaked havoc across the internet this past weekend. It disabled Windows computers at hospitals, telecoms, FedEx, and banks (among many others). Files on user's machines were encrypted and the worm demanded $300 or $600 worth of Bitcoin to decrypt (depending on how quickly you responded). Reports first surfaced Friday night and were stopped only because a researcher discovered a domain name in the code, which when registered, caused the malware to stop infecting new machines.
We're not out of the woods on this one. Not surprisingly, a variant has been seen in the wild over the weekend which has removed the domain check. Just because you may not have been hit in the initial wave of attacks does not necessarily mean you are immune.
Back in March, Microsoft released updates to Windows to patch vaguely-described vulnerabilities. Approximately one month later, a dump of purported NSA (National Security Agency) hacking tools were posted to the web. The WannaCrypt ransomware appears to be based on one of those tools. Surprisingly, the Microsoft patches blocked the vulnerability that was employed by WannaCrypt.
In a surprising move, Microsoft has just released emergency patches for out-of-mainstream-support versions of Windows (XP, 8, and Server 2003) to address this vulnerability.
Sources: Our previous coverage linked above as well as reports from the BBC Ransomware cyber-attack threat escalating - Europol, Motherboard Round Two: WannaCrypt Ransomware That Struck the Globe Is Back, and Ars Technica WCry is so mean Microsoft issues patch for 3 unsupported Windows versions.
What actions, if any, have you taken to protect your Windows machine(s) from this threat? How up-to-date are your backups? Have you tested them? If you are a sysadmin, how concerned are you about what you will be facing at work on Monday?
(Score: 3, Informative) by Snotnose on Monday May 15 2017, @02:16AM (9 children)
So, get the notice Windows wants to update, pick a time, any time. I hit snooze. When I'm done with the computer I hit "reboot", that does the update stuff.
Except this time it doesn't.
Couple days later, get the notice Windows wants to update. Kinda busy, hit snooze, when done I "reboot". Nothing. Go searching for update options, find nothing. I mean, I'm done with the computer for a good 12 hours, now would be a great time to update. Nope, can't get it to update.
This morning get the notice Windows wants to update. Having just rebooted from the previous hoped for update I said, "sure, fine, knock yourself out". 2 1/2 hours later I get my login screen. During that 2.5 hours I can't play online games due to my laptop sucking up all my bandwidth and making games lag hell. I can't use my laptop. Did I mention I'd planned to go to sleep during the previous update window, hence would not care how long the upgrade took? Yeah, thought so.
Get the login screen. A good 5 minutes to actually login.
It's now 1-2 minutes from me logging in to actually being able to use my laptop. Thank you Microsoft for making my computing experience so much better.
When the dust settled America realized it was saved by a porn star.
(Score: 2) by Nerdfest on Monday May 15 2017, @02:27AM (2 children)
I see people at work suffering through that as well. It amazes me that that sort of performance is tolerated. The cost for business must be in the billions per year. Well , perhaps not that much as a good of the developers where I work that actually get work done run Linux.
(Score: 2) by LoRdTAW on Monday May 15 2017, @12:53PM (1 child)
https://xkcd.com/303/ [xkcd.com]
Just change "Compiling" to "Updating".
(Score: 2) by kaszz on Monday May 15 2017, @10:16PM
That XKCD should be made into a short movie. Dramatic Star Wars music and the chairs imagined as battle ships ;-)
And the boss is the dark side calling..
(Score: 2) by Dunbal on Monday May 15 2017, @05:14AM (3 children)
Windows update off.
Pay attention to the world.
Download the security patch you need when something like this happens. I downloaded MS17-010 a month ago. Windows update still off.
(Score: 2) by butthurt on Monday May 15 2017, @06:12AM
That's very sensible. Potentially unwanted updates have included telemetry spyware for Windows 7 and 8.x, and the "Get Windows 10" nagware campaign.
/search.pl?tid=&query=windows+telemetry&author=&sort=2&op=stories [soylentnews.org]
/search.pl?tid=&query=windows+gwx&author=&sort=2&op=stories [soylentnews.org]
(Score: 2) by kaszz on Tuesday May 16 2017, @10:27AM
Is it even allowed to have Windows update shut off as in it won't fight you in a digital life and death struggle. And are specific patches available as standalone?
(Score: 2) by kaszz on Tuesday May 16 2017, @10:31AM
Oh, forgot.. Is this true for Windows 10? because that is the OS version that seems to make everything hard that don't need to be so.
(Score: 2) by butthurt on Monday May 15 2017, @06:07AM (1 child)
> Nope, can't get it to update.
You're saying the same thing MichaelDavidCrawford did:
https://soylentnews.org/comments.pl?noupdate=1&sid=19514&page=1&cid=509661#commentwrap [soylentnews.org]
I asked him whether he'd tried WSUS Offline Update.
http://www.wsusoffline.net/ [wsusoffline.net]
(Score: 0) by Anonymous Coward on Monday May 15 2017, @04:32PM
My Win10 machines wouldn't update. There is a setting in updates to allow it download the updates from other local machines. Unselected that, updates work again.