Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Microsoft security updates MS17-010 - (SMBv1)

Number: AV17-068
Date: 13 May 2017

Purpose

The purpose of this advisory is to bring attention to the release of a patch by Microsoft for end-of-life products recently impacted by a ransomware RansomwareA type of malware that denies a user's access to a system or data until a sum of money is paid. campaign known as “WCry”, “Wana”, “WCrypt”, “WanaDecryptor” or “WanaCry”.

Assessment

Over the past 48 hours this ransomware campaign has been exploiting vulnerabilities in what are considered to be Microsoft “custom support only” products worldwide.  Microsoft has released a security update for all customers to protect the following vulnerable Windows platforms;

  • Windows XP,
  • Windows 8
  • Windows Server 2003

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

Microsoft: Customer Guidance for WannaCrypt attacks
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft Security Bulletin MS17-010 - Critical
Security Update for Microsoft Windows SMB Server (4013389)
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Microsoft Malware MalwareMalicious software designed to infiltrate or damage a computer system, without the owner's consent. Common forms of malware include computer viruses, worms, Trojans, spyware, and adware. Protection Center
https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt

Date modified: