TheAppleFreak wrote This ransomware looks like it's a nasty piece of work; large areas of Europe have been impacted by the issue. The malware exploits the same SMB bug that was used in the leaked NSA tool EternalBlue, which was patched in March 2017 as per [ Register or Signin to view external links. ] . Patching your machines for MS17-010 will do quite a lot to stop the spread of this malware.

For people using the following versions of Windows, make sure you have the following patches installed on your machine:

Windows Vista and Windows Server 2008 - [ Register or Signin to view external links. ]
Windows 7 and Windows Server 2008 R2 - [ Register or Signin to view external links. ] (standalone) OR [ Register or Signin to view external links. ] (update rollup)
Windows Server 2012 - [ Register or Signin to view external links. ] (standalone) OR [ Register or Signin to view external links. ] (update rollup)
Windows 8.1 and Windows Server 2012 R2 - [ Register or Signin to view external links. ] (standalone) OR [ Register or Signin to view external links. ] (update rollup)
Windows 10 (you can check your installed version and build by pressing Win-R and running winver)

• Pre-version 1511 - [ Register or Signin to view external links. ]
  
• Version 1511 - [ Register or Signin to view external links. ]
  
• Version 1607 and Windows Server 2016 x64 - [ Register or Signin to view external links. ] (OS build 14393.953). NOTE: If you have any of the following patches installed, you're good: KB4015438 (14393.969), KB4016635 (14393.970), KB4015217 (14393.1083), and KB4019472 (14393.1198). All of these replace KB4013429.
  
• [ Register or Signin to view external links. ]
  

To check if you have the update installed, check the hotfix ID for your OS, then in a command prompt run the command wmic qfe get hotfixid | find "$hotfixid", where $hotfixid is the ID of the update (also the quotes are important!). Make sure that the KB is capitalized, otherwise the search will fail. If it is installed, it will return the hotfix ID. If it isn't installed, it will not return anything.
If you download an update and it's a CAB file, you can install it by running the following command: start /w dism.exe /Online /Add-Package /PackagePath:C:\Path\To\Downloaded\Update.cab. Restart when prompted.
Stay safe, everyone.

[ Register or Signin to view external links. ]

What is it?

The ransomware locks down all the files on an infected computer and asks the computer's administrator to pay in order to regain control of them.

The ransomware, called "WannaCry," is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven't updated their systems are at risk. The exploit was leaked last month as part of a trove of NSA spy tools.

"Affected machines have six hours to pay up and every few hours the ransom goes up," said Kurt Baumgartner, the principal security researcher at security firm Kaspersky Lab. "Most folks that have paid up appear to have paid the initial $300 in the first few hours."

[ Register or Signin to view external links. ]