Microsoft scrambles to fix worst Windows issue 'in recent memory'

SteveGG wrote:
Why don't you post so others can read ?!

Presummably, the fix would involve some update like thing for Windows
7. I stopped updating when they started seriously pushing to go to
Windows 10, sometime last September.

What should I do ? Anyone ?

Work through the article here. It tells you some criteria
for whether a given OS missed its patch or not. This allows
you to at least determine if you're exposed at the moment.
Patching started some time in March, which means my Win10
"update madness" OSes are the only ones patched right now.

https://www.askwoody.com/2017/how-to...crywannacrypt/

Paul

Charlie+ wrote:
On Mon, 15 May 2017 16:32:49 -0400, Paul wrote
as underneath :

SteveGG wrote:
Why don't you post so others can read ?!

Presummably, the fix would involve some update like thing for Windows
7. I stopped updating when they started seriously pushing to go to
Windows 10, sometime last September.

What should I do ? Anyone ?
Work through the article here. It tells you some criteria
for whether a given OS missed its patch or not. This allows
you to at least determine if you're exposed at the moment.
Patching started some time in March, which means my Win10
"update madness" OSes are the only ones patched right now.

https://www.askwoody.com/2017/how-to...crywannacrypt/

Paul

MS would have worked out in a few minutes from the NSA leak in March
which of its operating systems would be vulnerable in an attack - they
seem to have taken a decision not to issue a band-aid patch for their
old systems - leading to wide propagation in any attack, they seem to
have taken a commercial decision (guessing) presumably to assist in the
push to W10. Far from accolades for MS for moving fast - I blame them
for holding back for over a month until an attack actually propagated
widely, only then did they issue patches for older systems, which they
must have had written in anticipation ready for the event, I think MS
may have been very naughty indeed. C+

+1

The WinXP patch would have been written for the WePOS products.

Paul

On 5/16/2017 9:05 AM, Paul wrote:
Charlie+ wrote:
On Mon, 15 May 2017 16:32:49 -0400, Paul wrote
as underneath :

SteveGG wrote:
Why don't you post so others can read ?!

Presummably, the fix would involve some update like thing for Windows
7. I stopped updating when they started seriously pushing to go to
Windows 10, sometime last September.

What should I do ? Anyone ?
Work through the article here. It tells you some criteria
for whether a given OS missed its patch or not. This allows
you to at least determine if you're exposed at the moment.
Patching started some time in March, which means my Win10
"update madness" OSes are the only ones patched right now.

https://www.askwoody.com/2017/how-to...crywannacrypt/


Paul

MS would have worked out in a few minutes from the NSA leak in March
which of its operating systems would be vulnerable in an attack - they
seem to have taken a decision not to issue a band-aid patch for their
old systems - leading to wide propagation in any attack, they seem to
have taken a commercial decision (guessing) presumably to assist in the
push to W10. Far from accolades for MS for moving fast - I blame them
for holding back for over a month until an attack actually propagated
widely, only then did they issue patches for older systems, which they
must have had written in anticipation ready for the event, I think MS
may have been very naughty indeed. C+

+1

The WinXP patch would have been written for the WePOS products.

Paul

"IBM recommends Windows Embedded for Point of Service (WEPOS) as the
preferred Windows OS for the point-of-sale environment."

https://www-01.ibm.com/common/ssi/re...SAG08-0800.PDF

--
Posted for other folk who don't understand the jargon! ;-)

On Mon, 15 May 2017 16:32:49 -0400, Paul wrote:

SteveGG wrote:
Why don't you post so others can read ?!

Presummably, the fix would involve some update like thing for Windows
7. I stopped updating when they started seriously pushing to go to
Windows 10, sometime last September.

What should I do ? Anyone ?

Work through the article here. It tells you some criteria
for whether a given OS missed its patch or not. This allows
you to at least determine if you're exposed at the moment.
Patching started some time in March, which means my Win10
"update madness" OSes are the only ones patched right now.

https://www.askwoody.com/2017/how-to...crywannacrypt/

I haven't time to read the article, but my IT guy at work provided
the following Registry change:

"HKLM:\SYSTEM\CurrentControlSet\Services\LanmanSer ver\Parameters"
Add value: SMB1
Type: DWORD
Data: 0

And then you have to reboot.

In Windows 8 and 10 it's much easier: Programs and Features*» Turn
Windows Features On or Off. Locate SMB 1, remove the check mark.

--
Stan Brown, Oak Road Systems, Tompkins County, New York, USA
http://BrownMath.com/
http://OakRoadSystems.com/
Shikata ga nai...

Stan Brown wrote:
On Mon, 15 May 2017 16:32:49 -0400, Paul wrote:
SteveGG wrote:
Why don't you post so others can read ?!

Presummably, the fix would involve some update like thing for Windows
7. I stopped updating when they started seriously pushing to go to
Windows 10, sometime last September.

What should I do ? Anyone ?
Work through the article here. It tells you some criteria
for whether a given OS missed its patch or not. This allows
you to at least determine if you're exposed at the moment.
Patching started some time in March, which means my Win10
"update madness" OSes are the only ones patched right now.

https://www.askwoody.com/2017/how-to...crywannacrypt/

I haven't time to read the article, but my IT guy at work provided
the following Registry change:

"HKLM:\SYSTEM\CurrentControlSet\Services\LanmanSer ver\Parameters"
Add value: SMB1
Type: DWORD
Data: 0

And then you have to reboot.

In Windows 8 and 10 it's much easier: Programs and Features » Turn
Windows Features On or Off. Locate SMB 1, remove the check mark.


The intention being, to forever break file sharing with
a WinXP machine.

If you use the patch instead, the theory is that file
sharing continues to work. "Nil" checked the WinXP patch,
and file sharing in both directions continued to work.
You could go Win10 to WinXP, or WinXP to Win10, and it
still worked. My machine wasn't so lucky, but there's
something wrong with my WinXP install, so this is
par for the course here. That's why I have to ask
others to double-check my test results on WinXP.
So "Nil" got a pass on the test case.

Your IT guy solution is "belt and suspenders". Yes it
works, but it's a bit of overkill. It would have been
appropriate in Feb.2017, when the NSA dump happened and
people were scrambling for cover. If you have survived to
this point, then the patch and the AskWoody article
are still useful.

If you didn't trust Microsoft to do a good job on patching
SMB, then again, your IT guy is right to suggest that.

If you don't have any WinXP machines, then... go right ahead :-)
Pull the trigger. SMBv2 on the remaining pool od computers,
will likely continue to work. WinXP only has SMBv1, and if
you switch SMBv1 off on the other PCs, then WinXP is going to
feel a bit lonely.

And I did think about doing it... I didn't ignore the idea.

Paul

On Tue, 16 May 2017 22:35:00 -0400, Paul wrote:

Stan Brown wrote:
On Mon, 15 May 2017 16:32:49 -0400, Paul wrote:
https://www.askwoody.com/2017/how-to...crywannacrypt/

I haven't time to read the article, but my IT guy at work provided
the following Registry change:

"HKLM:\SYSTEM\CurrentControlSet\Services\LanmanSer ver\Parameters"
Add value: SMB1
Type: DWORD
Data: 0

And then you have to reboot.

In Windows 8 and 10 it's much easier: Programs and Features » Turn
Windows Features On or Off. Locate SMB 1, remove the check mark.


The intention being, to forever break file sharing with
a WinXP machine. ...

Your IT guy solution is "belt and suspenders". Yes it
works, but it's a bit of overkill. It would have been
appropriate in Feb.2017, when the NSA dump happened and
people were scrambling for cover. If you have survived to
this point, then the patch and the AskWoody article
are still useful.

If you didn't trust Microsoft to do a good job on patching
SMB, then again, your IT guy is right to suggest that.

I really don't. Their track record is so awful, and anyway I'd much
rather make a registry edit that download and install megabytes. IT
guy didn't tell me about Win XP file sharing, but it's a non-issue
for me.

I do have an XP system, as it happens, but file sharing with my Win 7
machine has never worked and that hasn't been enough of a problem for
me to spend any time investigating it.

Thanks for the additional information, Paul.





--
Stan Brown, Oak Road Systems, Tompkins County, New York, USA
http://BrownMath.com/
http://OakRoadSystems.com/
Shikata ga nai...

On Wed, 17 May 2017 21:14:30 -0400, Stan Brown
wrote:

On Tue, 16 May 2017 22:35:00 -0400, Paul wrote:
Your IT guy solution is "belt and suspenders". Yes it
works, but it's a bit of overkill. It would have been
appropriate in Feb.2017, when the NSA dump happened and
people were scrambling for cover. If you have survived to
this point, then the patch and the AskWoody article
are still useful.

If you didn't trust Microsoft to do a good job on patching
SMB, then again, your IT guy is right to suggest that.

I really don't. Their track record is so awful, and anyway I'd much
rather make a registry edit that download and install megabytes. IT
guy didn't tell me about Win XP file sharing, but it's a non-issue
for me.

I do have an XP system, as it happens, but file sharing with my Win 7
machine has never worked and that hasn't been enough of a problem for
me to spend any time investigating it.

At about the time the new ransomware was announced, my XP machine
stopped file sharing with the Win 7-10 machines on our home network,
which was a nuisance because our printer is attached to the XP
machine.

After some discussions in XP newsgroups, where I had asked for help,
the problem suddenly corrected itself, with no intervention from me.


--
Steve Hayes
http://www.khanya.org.za/stevesig.htm
http://khanya.wordpress.com

Steve Hayes on Thu, 18 May 2017 05:45:56 +0200
typed in alt.windows7.general the following:
On Wed, 17 May 2017 21:14:30 -0400, Stan Brown
wrote:

On Tue, 16 May 2017 22:35:00 -0400, Paul wrote:
Your IT guy solution is "belt and suspenders". Yes it
works, but it's a bit of overkill. It would have been
appropriate in Feb.2017, when the NSA dump happened and
people were scrambling for cover. If you have survived to
this point, then the patch and the AskWoody article
are still useful.

If you didn't trust Microsoft to do a good job on patching
SMB, then again, your IT guy is right to suggest that.

I really don't. Their track record is so awful, and anyway I'd much
rather make a registry edit that download and install megabytes. IT
guy didn't tell me about Win XP file sharing, but it's a non-issue
for me.

I do have an XP system, as it happens, but file sharing with my Win 7
machine has never worked and that hasn't been enough of a problem for
me to spend any time investigating it.

At about the time the new ransomware was announced, my XP machine
stopped file sharing with the Win 7-10 machines on our home network,
which was a nuisance because our printer is attached to the XP
machine.

After some discussions in XP newsgroups, where I had asked for help,
the problem suddenly corrected itself, with no intervention from me.

Of course.
--
pyotr filipivich
Next month's Panel: Graft - Boon or blessing?