Please run windows update now

timrutherford at c4.net timrutherford at c4.net
Mon May 15 18:22:59 UTC 2017 

>>  <https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/> https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

>> Look near the bottom under Further Resources.

 

Those are the links appear to be patches for older versions of Windows.

 

The link that Josh sent initially is probably the most straight forward for currently supported versions.  

 

                https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

 

Scroll down below “Affected Software and Vulnerability Severity Ratings” and click on the link in the left column it will being you to the MS Update Catalog download page for the patch in question.

 

                

 

 

Keep in mind that since MS started doing monthly patch rollups instead of individual patches, they are listing a “rollup” KB# and “security only” KB# for each version of Windows.

 

For example, look at Windows 2012/2012R2 above – there are four different KB#s depending on the OS version and update method being used.  

 

KB4012217 : “monthly rollup” version for 2012 (gets delivered via windows update - contains this patch and several others)

KB4012214 : “security only” version for 2012 for this one patch 

 

KB4012216 : 2012R2 version of the rollup 

KB4012213 : 2012R2 version of the security only patch 

 

 

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Keith Stokes
Sent: Monday, May 15, 2017 11:49 AM
To: Keith Medcalf <kmedcalf at dessus.com>
Cc: nanog at nanog.org
Subject: Re: Please run windows update now

 

 <https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/> https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

 

 

Look near the bottom under Further Resources.

 

 

On May 15, 2017, at 10:44 AM, Keith Medcalf < <mailto:kmedcalf at dessus.com%3cmailto:kmedcalf at dessus.com> kmedcalf at dessus.com<mailto:kmedcalf at dessus.com>> wrote:

 

 

I do not see any links to actually download the actual patches.  Just a bunch of text drivel.

 

 

--

˙uʍop-ǝpısdn sı ɹoʇıuoɯ ɹnoʎ 'sıɥʇ pɐǝɹ uɐɔ noʎ ɟı

 

-----Original Message-----

From: NANOG [ <mailto:nanog-bounces at nanog.org> mailto:nanog-bounces at nanog.org] On Behalf Of  <mailto:timrutherford at c4.net%3cmailto:timrutherford at c4.net> timrutherford at c4.net<mailto:timrutherford at c4.net>

Sent: Monday, 15 May, 2017 09:23

To: 'Josh Luthman'; 'Nathan Fink'

Cc:  <mailto:nanog at nanog.org> nanog at nanog.org

Subject: RE: Please run windows update now

 

I should clarify, the link in my email below is only for windows versions that are considered unsupported.

 

This one has links for the currently supported versions of windows

 

 <https://support.microsoft.com/en-us/help/4013389/title> https://support.microsoft.com/en-us/help/4013389/title

 

 

-----Original Message-----

From:  <mailto:timrutherford at c4.net> timrutherford at c4.net [ <mailto:timrutherford at c4.net> mailto:timrutherford at c4.net]

Sent: Monday, May 15, 2017 11:12 AM

To: 'Josh Luthman' < <mailto:josh at imaginenetworksllc.com> josh at imaginenetworksllc.com>; 'Nathan Fink'

< <mailto:nefink at gmail.com> nefink at gmail.com>

Cc: 'nanog at nanog.org' < <mailto:nanog at nanog.org> nanog at nanog.org>

Subject: RE: Please run windows update now

 

They even released updates for XP & 2003

 

 <http://www.catalog.update.microsoft.com/search.aspx?q=4012598> http://www.catalog.update.microsoft.com/search.aspx?q=4012598

 

 

-----Original Message-----

From: NANOG [ <mailto:nanog-bounces at nanog.org> mailto:nanog-bounces at nanog.org] On Behalf Of Josh Luthman

Sent: Monday, May 15, 2017 10:45 AM

To: Nathan Fink < <mailto:nefink at gmail.com> nefink at gmail.com>

Cc:  <mailto:nanog at nanog.org> nanog at nanog.org

Subject: Re: Please run windows update now

 

Link?

 

I only posted it as reference to the vulnerability.

 

 

Josh Luthman

Office: 937-552-2340

Direct: 937-552-2343

1100 Wayne St

Suite 1337

Troy, OH 45373

 

On Sat, May 13, 2017 at 2:07 AM, Nathan Fink < <mailto:nefink at gmail.com> nefink at gmail.com> wrote:

 

I show MS17-010 as already superseded in SCCM

 

On Fri, May 12, 2017 at 1:44 PM, Josh Luthman <josh at imaginenetworksllc.com

 

wrote:

 

MS17-010

 <https://technet.microsoft.com/en-us/library/security/ms17-010.aspx> https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

 

 

Josh Luthman

Office: 937-552-2340

Direct: 937-552-2343

1100 Wayne St

Suite 1337

Troy, OH 45373

 

On Fri, May 12, 2017 at 2:35 PM, JoeSox < <mailto:joesox at gmail.com> joesox at gmail.com> wrote:

 

Thanks for the headsup but I would expect to see some references to the patches that need to be installed to block the vulnerability (Sorry for sounding like a jerk).

We all know to update systems ASAP.

 

--

Later, Joe

 

On Fri, May 12, 2017 at 10:35 AM, Ca By < <mailto:cb.list6 at gmail.com> cb.list6 at gmail.com> wrote:

 

This looks like a major worm that is going global

 

Please run windows update as soon as possible and spread the word

 

It may be worth also closing down ports 445 / 139 / 3389

 

 <http://www.npr.org/sections/thetwo-way/2017/05/12/> http://www.npr.org/sections/thetwo-way/2017/05/12/

528119808/large-cyber-attack-hits-englands-nhs-hospital-

system-ransoms-demanded

 

 

 

 

 

 

 

 

 

 

 

---

 

Keith Stokes

More information about the NANOG mailing list