Patch MS17-010 NOW!!!


Crypto malware which has affected Telefonica and other organizations in Spain; and the NHS in the UK has recently been confirmed as being a fully weaponized version of the crypto malware “Wcry”.

As far as we currently understand this new strain incorporates active exploitation of the vulnerability patched in the MS17-010 update released by Microsoft in March.

This is novel behavior for crypto malware and we expect this to have wide spread effects. We strongly advise you to ensure all internal systems (especially critical domain controllers, fileservers and exchange servers) have the MS17-010 patch applied as soon as possible.

Additionally, because of the nature of malware propagation, you should ensure that any current back-ups are held offline, if backups are offline they can’t be encrypted in the event of your network being hit.

Attributed to Sec-1 – 12/05/2017