Protecting From WannaCry Ransomware

We have been diligently verifying our customers computer systems are up-to-date and protected from the lastest round of Ransomware called “WannaCry”.

Not sure exactly what patches needed to be applied I found a good page from SolarWinds the lists the appropriate patches for a given Operating System.

https://support.solarwindsmsp.com/

Microsoft’s Update Catalog allows you to download the the “.MSU” patches. Microsoft recommends using Internet Explorer to download and install the patches. You may need to set downloads to “enable”. In Internet Explorer Tools, under the Security tab, select “Custom Level.”. Scroll down till you see “Download” and click enable.

For antivirus we have been using Vipre. We received a email from Virpe stating the were already protecting customer before the virus was released. That will save us a considerable hassle. Here is the link the sent us.

https://blog.vipreantivirus.com/important-news/urgent-announcement-wanacryptor-wannacry-information/?mkt_tok=eyJpIjoiT1RnME5XUXpObU13TVRVeCIsInQiOiJoQ1FNVmJsQjh3YUpmTFFQUEowbDZpUzZFTG1FV3g5NkN4cnNcL2RKN1AzSWZXSlZwaTA0UUFQTHF4N29lMndwSDlcL2pxK0I2QlVSbGJ0V2NPdDBuMnhhUktKOWlHdW1UbG1Lakp0NFNrTFhYV2lhQVFhM2N2elNMWG5mTHJFTUlxIn0%3D

This list above is good to know the patches.  The next step was to disable “SMB1”. I logged onto the clients server and open Powershell as an administrator, and ran the following commands.

sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
sc.exe config mrxsmb10 start= disabled

All of these updates required a reboot of the server.

Let us know if this helps you…

 

Comments

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.