DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
November 30, 2020 
Main Menu
News archives

Who's Online
There are currently 151 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Microsoft offers MS17-010 patch for Windows XP to stop Wcry worm

Posted on Saturday, May 13 2017 @ 11:55:23 CEST by

MS logo
As I wrote yesterday, lots of businesses around the world got hit by a piece of ransomware that exploits a Windows Server Message Block (SMB) bug to spread automatically through networks. Microsoft patched this flaw two months ago and now the company made the unusual decision to issue this update for unsupported versions of Windows to help stop the spread of the Wcry worm (aka WannaCry and Wana Decrypt0r).

Despite having reached the end of its life over three years ago, Microsoft just rolled out the MS17-010 patch for Windows XP. Additionally, other unsupported versions of Windows like Windows 8 and Windows Server 2003 also received the patch.
"Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download," Microsoft said in a statement. "This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind."

Researchers believe that Wana Decrypt0r — also referenced online as WCry, WannaCry, WannaCrypt, and WanaCrypt0r — infected over 78,000 computers.
Interestingly, the Wcry outbreak was stopped yesterday evening as a security researcher from MalwareTech discovered a domain name inside the code of the worm. This domain name was not registered so the security researcher decided to register the domain (iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com) to see what would happen.

Much to his surprise, he had accidentally stumbled upon a kill switch. The worm makes a pre-infection check to the domain and stops the infection process if the domain exists. Nice job!

However, this is just a temporary fix as by changing a couple of lines of code the attacker can create a new strain of the worm. The only solution is to ensure your system or systems are fully patched.

Full details at Bleeping Computer.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2020 DM Media Group bvba