[CRTech] Christian Radio Tech [MSG 79835]
[Thread Prev] [-- Thread Index --] [Thread Next] [Date Prev] [-- Date Index --] [Date Next]
The "Wannacry" ransomware attack
To: CRTech <crtech@crtech.org>
Subject: The "Wannacry" ransomware attack
From: Willie Barnett <wbradiolists@gmail.com>
Date: Mon, 15 May 2017 15:10:57 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=lkQeghHcekSMI8pHOqJpdOwTLPyxbpZC1YVyfq6Xeyw=; b=japrK9eaLXLBjYPhZs4vzJXFZgshn6BJdr7bLeYB8SXk8Ohr1SWEmhFyWvLF1rTxKA UUXi0DPvMH/fCFhiukRwzmPwQnt8U5HyHXP+Ogy1zNGoXphIAxylF7B57x9Sk/vtkPPn g37Ygsd1N4CsisYvnuVuNBjMLvOmqV9N5GVIfaQMpAP0JBbdnXJeNG638tUjr+q69oSK KEyrl71X/7sh7VbBHfrdHs0sug99W8cWo1+vQ5YMRe6xCWdOzy6BOrjrEPIXIXGNcPAy N2vxgJcC7bXUwH4EyUgVCdnTN8VgrxTRtJUqx+oIE/daWJNomUMaTLB6wjLAxQfPOCUR bxZw==
​When I discovered that MS has released a patch for XP systems, I immediately & successfully applied it to my home system! :) WHEW!!

Here is a link to the Microsoft page that makes a number of versions of their patch available...
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

I PRAYED ​that the systems at the station would be spared, and THANK YOU, LORD, they were! I was able to install the patch into our Internet-facing machines. (It won't install into a SP2 machine, of which we have two.)

I discovered that you CAN NOT just download it ONCE, then drag/drop it to other machines to deploy... it won't work! (The error messages says it's "not compatible with this version of Windows".) But that isn't true! The only way to deploy this patch, is to put the machine online, then go to the MS page (link above) and download a "fresh" copy. Then it works. (MotherShip must want to keep track of where it goes? Sigh.)

Between home & work, I've already successfully deployed it on ten XP machines and three WIN7 machines. (There is a different link on that same page to get it for WIN7)

HEADS-UP!! The MS page is NOT very "user-friendly", so put your propeller beanie on and proceed carefully. ;)

​I'm not too keen on the idea of taking my automation machines down, changing the IP to get them online, then install a recent version of Firefox so I can open the page and install the patch... but I may just have to do exactly that.​ :P

​Unless someone here knows of a version of the XP patch that is "portable"? That would be awesome!

I'm now making new backups of the machines into which I've deployed this patch. That way, the backups have it, so if I need to *USE* those backups, it's already in place. :)

Prime rule: You can NEVER have "too many" backups! Mine are stored on several portable USB drives that are kept unplugged, and one PC that is kept powered-off. This is vital! Backups are thus safe from these kinds of attacks.

I sincerely pray for those who may have been hit by this evil, that you will be able to recover fully and with minimal impact!

Willie...

Follow-Ups: Re: The "Wannacry" ransomware attack
(Julius Bryant <hody38@gmail.com>, 15 May 2017 19:15:40 -0000)
Re: The "Wannacry" ransomware attack
(Joe Quinn <jdawg1983@gmail.com>, 15 May 2017 20:42:49 -0000)
Re: The "Wannacry" ransomware attack
(Stu Engelke Lists <audiotoantenna@gmail.com>, 20 May 2017 21:12:22 -0000)
Prev by date: Re: AM tower tuning affected by fog
(Tom Van Gorkom, 15 May 2017 18:51:04 -0000)
Next by date: Re: The "Wannacry" ransomware attack
(Julius Bryant, 15 May 2017 19:15:40 -0000)
Prev by thread: Re: AM tower tuning affected by fog
(Willie Barnett, 17 May 2017 14:26:22 -0000)
Next by thread: Re: The "Wannacry" ransomware attack
(Julius Bryant, 15 May 2017 19:15:40 -0000)
CRTech.org