Ransomware Hits the Same Vulnerabilities
Keep calm: While the news is grim over the latest ransomware, the steps we’ve taken earlier will most likely keep most of us secure. It’s key that you have March’s Windows updates installed to protect from the SMBv1 vulnerabilities and April’s Office updates installed to protect from the RTF (Rich Text Format) vulnerability being used in the attacks.
In addition, the vulnerability is specifically targeting networks and using some additional tricks up their sleeves as noted in PTSecurity blog post. The attackers are utilizing various network tools such as Windows Management Instrumentation (WMI) and PsExec to distribute the ransomware throughout a network. It further uses password retrieval tools to gain the local administrator passwords on the workstations in the network. For home and small businesses the best protection is to be vigilant in not opening suspicious emails, and to ensure the March and April updates are installed.
What to do: Ensure your systems have the March’s Windows updates installed to protect from the SMBv1 vulnerabilities and April’s Office updates installed.
Windows Fixes for IE Printing and Indexing
Microsoft has released updates to Windows 7, 8.1, and 10 to fix issues introduced by the June 13th Windows and Outlook updates.