
Microsoft Security Update 14 May 2017 Released after Ransomware Attack

Microsoft has provided a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. If you are using Windows 10, you are not targeted by this attack.

This emergency security update from Microsoft, named MS17-010, protects you from the WannaCry ransomware, an NSA leaked tool that recently compromised 100k+ systems worldwide and demands a ransom of $300 via Bitcoin. The current rate of 1 Bitcoin is 1740 USD.

MalwareTech also released an interactive live map on which you can easily see all infection locations globally, available at the link below:

https://intel.malwaretech.com/WannaCrypt.html

These are the 3 Bitcoin addresses we have collected so far from the recent cyber attack:

https://blockchain.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94

https://blockchain.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw

https://blockchain.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn

If you are a security researcher and want to report a vulnerability to the Microsoft team, you should visit this link.

| Program Name | Start Date | Ending Date | Eligible Entries | Bounty Range |
|---|---|---|---|---|
| Microsoft Office Insider Bug Bounty Program Terms | March 15, 2017 | June 15, 2017 | Vulnerability reports on Microsoft Office Insider on Windows Desktop (see link for program details) | Up to $15,000 USD |
| Microsoft .NET Core and ASP.NET Core Bug Bounty Program Terms | September 1, 2016 | Ongoing | Vulnerability reports on .NET Core and ASP.NET Core RTM and future builds (see link for program details) | Up to $15,000 USD |
| Microsoft Edge RCE on Windows Insider Preview Bug Bounty | August 4, 2016 | May 15, 2017 | Critical RCE in Microsoft Edge in the Windows Insider Preview. TIME LIMITED. | Up to $15,000 USD |
| Online Services Bug Bounty (O365) | September 23, 2014 | Ongoing | Vulnerability reports on applicable O365 services (see link for program details). | Up to $15,000 USD |
| Online Services Bug Bounty (Azure) | April 22, 2015 | Ongoing | Vulnerability reports on eligible Azure services (see link for program details). | Up to $15,000 USD |
| Mitigation Bypass Bounty | June 26, 2013 | Ongoing | Novel exploitation techniques against protections built into the latest version of the Windows operating system. | Up to $100,000 USD |
| Bounty for Defense | June 26, 2013 | Ongoing | Defensive ideas that accompany a qualifying Mitigation Bypass submission | Up to $100,000 (in addition to any applicable Mitigation Bypass Bounty). |

Note: CERT-In also published an article on this cyber attack.

Recommended Steps for Prevention

  • Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017.
  • Enable strong spam filters to prevent phishing e-mails from reaching the end users and authenticate in-bound e-mail using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent e-mail spoofing.
  • Scan all incoming and outgoing e-mails to detect threats and filter executable files from reaching the end users.
  • Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.
  • Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.
  • Configure access controls including file, directory, and network share permissions with least privilege in mind.
  • If a user only needs to read specific files, they should not have write access to those files, directories, or shares.
  • Disable macro scripts from Microsoft Office files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office suite applications.
  • Develop, institute and practice employee education programs for identifying scams, malicious links, and attempted social engineering.
  • Have regular penetration tests run against the network, no less than once a year and ideally as often as possible/practical.
  • Test your backups to ensure they work correctly upon use.
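
For the step above on authenticating in-bound e-mail with SPF, DKIM and DMARC, here is a sketch of the receiver-side decision, added as an example and not taken from the original article. It assumes your inbound gateway records its checks in an Authentication-Results header (RFC 8601); the gateway name `mx.example.org`, the sample messages and the reject/quarantine policy are all constructed assumptions.

```python
import re
from email import message_from_string

# Assumption: hostname our own inbound gateway writes as authserv-id (RFC 8601).
TRUSTED_AUTHSERV = "mx.example.org"
METHOD_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)", re.IGNORECASE)

# Constructed sample messages, not real mail.
_BODY = "From: billing@vendor.example\nSubject: Invoice\n\nSee attachment.\n"
SAMPLES = {
    "legit": "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=vendor.example;\n"
             " dkim=pass header.d=vendor.example; dmarc=pass header.from=vendor.example\n" + _BODY,
    "spoofed": "Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=vendor.example;\n"
               " dkim=none; dmarc=fail header.from=vendor.example\n" + _BODY,
    # Header written by the sending side, not by our gateway: it must be ignored.
    "untrusted_header": "Authentication-Results: mail.sender.example; spf=pass; dkim=pass; dmarc=pass\n" + _BODY,
}

def auth_results(raw_message):
    """Collect SPF/DKIM/DMARC verdicts from headers stamped by our gateway only."""
    results = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for header in message_from_string(raw_message).get_all("Authentication-Results", []):
        authserv, _, rest = header.partition(";")
        if authserv.lower().split()[:1] != [TRUSTED_AUTHSERV]:
            continue  # anyone can add this header; trust only our own authserv-id
        for method, verdict in METHOD_RE.findall(rest):
            method = method.lower()
            if results[method] != "pass":  # keep a pass if any signature passed
                results[method] = verdict.lower()
    return results

def disposition(raw_message):
    """Map the verdicts to an action: deliver, quarantine or reject."""
    # Assumption: local policy rejects on DMARC fail and quarantines mail
    # that carries no passing SPF, DKIM or DMARC result at all.
    r = auth_results(raw_message)
    if r["dmarc"] == "fail":
        return "reject"
    if r["dmarc"] == "pass" or "pass" in (r["spf"], r["dkim"]):
        return "deliver"
    return "quarantine"

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, auth_results(raw), disposition(raw))
```
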