Tag: WannaCry

WannaCry on Samba = SambaCry

After the WannaCry attack on Windows it was the question if the open source implementation SAMBA may have a similar vulnerability and in fact it has as currently reported: CVE-2017-7494 Affected are all versions from version 3.5.0 onwards. Patches are available and every distribution should have an update ready in their repos. A workaround is to add the parameter

nt pipe support = no

to the [global] section of the smb.conf file.

Samba_

WannaCrypt Ransomware Attack

The WannaCry/WannaCrypt Ransomware attack successfully compromised tons of systems already by using the classic e-mail attachment vector and the 2nd vector is to use the vulnerable SMB protocol to attack machines in internal networks to infect them as well.

To fix the SMB issue Microsoft already released an update in march 2017, security bulletin MS17-010.

Description:
This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an attacker sends specially crafted messages to a Windows SMBv1 server.

Microsoft now also released an update for Windows XP and Windows Server 2003 (KB4012598) to fix the issue. Automatic Updates should find and install the updates or you can find them in the Microsoft Update Catalog. Microsoft has some more information about this issue on the MSRC team blog.

Available Patches: