RE: Please run windows update now

[timrutherford]

>>  
>> <https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/>
>>  
>> https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

>> Look near the bottom under Further Resources.

 

Those are the links appear to be patches for older versions of Windows.

 

The link that Josh sent initially is probably the most straight forward for 
currently supported versions.  

 

                
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

 

Scroll down below “Affected Software and Vulnerability Severity Ratings” and 
click on the link in the left column it will being you to the MS Update Catalog 
download page for the patch in question.

 

                

 

 

Keep in mind that since MS started doing monthly patch rollups instead of 
individual patches, they are listing a “rollup” KB# and “security only” KB# for 
each version of Windows.

 

For example, look at Windows 2012/2012R2 above – there are four different KB#s 
depending on the OS version and update method being used.  

 

KB4012217 : “monthly rollup” version for 2012 (gets delivered via windows 
update - contains this patch and several others)

KB4012214 : “security only” version for 2012 for this one patch 

 

KB4012216 : 2012R2 version of the rollup 

KB4012213 : 2012R2 version of the security only patch 

 

 

-----Original Message-----
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Keith Stokes
Sent: Monday, May 15, 2017 11:49 AM
To: Keith Medcalf <kmedc...@dessus.com>
Cc: nanog@nanog.org
Subject: Re: Please run windows update now

 

 
<https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/>
 
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

 

 

Look near the bottom under Further Resources.

 

 

On May 15, 2017, at 10:44 AM, Keith Medcalf < 
<mailto:kmedc...@dessus.com%3cmailto:kmedc...@dessus.com> 
kmedc...@dessus.com<mailto:kmedc...@dessus.com>> wrote:

 

 

I do not see any links to actually download the actual patches.  Just a bunch 
of text drivel.

 

 

--

˙uʍop-ǝpısdn sı ɹoʇıuoɯ ɹnoʎ 'sıɥʇ pɐǝɹ uɐɔ noʎ ɟı

 

-----Original Message-----

From: NANOG [ <mailto:nanog-boun...@nanog.org> mailto:nanog-boun...@nanog.org] 
On Behalf Of  <mailto:timrutherf...@c4.net%3cmailto:timrutherf...@c4.net> 
timrutherf...@c4.net<mailto:timrutherf...@c4.net>

Sent: Monday, 15 May, 2017 09:23

To: 'Josh Luthman'; 'Nathan Fink'

Cc:  <mailto:nanog@nanog.org> nanog@nanog.org

Subject: RE: Please run windows update now

 

I should clarify, the link in my email below is only for windows versions that 
are considered unsupported.

 

This one has links for the currently supported versions of windows

 

 <https://support.microsoft.com/en-us/help/4013389/title> 
https://support.microsoft.com/en-us/help/4013389/title

 

 

-----Original Message-----

From:  <mailto:timrutherf...@c4.net> timrutherf...@c4.net [ 
<mailto:timrutherf...@c4.net> mailto:timrutherf...@c4.net]

Sent: Monday, May 15, 2017 11:12 AM

To: 'Josh Luthman' < <mailto:j...@imaginenetworksllc.com> 
j...@imaginenetworksllc.com>; 'Nathan Fink'

< <mailto:nef...@gmail.com> nef...@gmail.com>

Cc: 'nanog@nanog.org' < <mailto:nanog@nanog.org> nanog@nanog.org>

Subject: RE: Please run windows update now

 

They even released updates for XP & 2003

 

 <http://www.catalog.update.microsoft.com/search.aspx?q=4012598> 
http://www.catalog.update.microsoft.com/search.aspx?q=4012598

 

 

-----Original Message-----

From: NANOG [ <mailto:nanog-boun...@nanog.org> mailto:nanog-boun...@nanog.org] 
On Behalf Of Josh Luthman

Sent: Monday, May 15, 2017 10:45 AM

To: Nathan Fink < <mailto:nef...@gmail.com> nef...@gmail.com>

Cc:  <mailto:nanog@nanog.org> nanog@nanog.org

Subject: Re: Please run windows update now

 

Link?

 

I only posted it as reference to the vulnerability.

 

 

Josh Luthman

Office: 937-552-2340

Direct: 937-552-2343

1100 Wayne St

Suite 1337

Troy, OH 45373

 

On Sat, May 13, 2017 at 2:07 AM, Nathan Fink < <mailto:nef...@gmail.com> 
nef...@gmail.com> wrote:

 

I show MS17-010 as already superseded in SCCM

 

On Fri, May 12, 2017 at 1:44 PM, Josh Luthman <j...@imaginenetworksllc.com

 

wrote:

 

MS17-010

 <https://technet.microsoft.com/en-us/library/security/ms17-010.aspx> 
https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

 

 

Josh Luthman

Office: 937-552-2340

Direct: 937-552-2343

1100 Wayne St

Suite 1337

Troy, OH 45373

 

On Fri, May 12, 2017 at 2:35 PM, JoeSox < <mailto:joe...@gmail.com> 
joe...@gmail.com> wrote:

 

Thanks for the headsup but I would expect to see some references to the patches 
that need to be installed to block the vulnerability (Sorry for sounding like a 
jerk).

We all know to update systems ASAP.

 

--

Later, Joe

 

On Fri, May 12, 2017 at 10:35 AM, Ca By < <mailto:cb.li...@gmail.com> 
cb.li...@gmail.com> wrote:

 

This looks like a major worm that is going global

 

Please run windows update as soon as possible and spread the word

 

It may be worth also closing down ports 445 / 139 / 3389

 

 <http://www.npr.org/sections/thetwo-way/2017/05/12/> 
http://www.npr.org/sections/thetwo-way/2017/05/12/

528119808/large-cyber-attack-hits-englands-nhs-hospital-

system-ransoms-demanded

 

 

 

 

 

 

 

 

 

 

 

---

 

Keith Stokes