What is this all about?
In essence, WannaCry (or WannaCrypt) is a ransomware computer worm that in just a few days has spread over the world. It targets the Microsoft Windows operating system and uses a vulnerability called “EternalBlue”. Whenever a machine is affected, it is locked and the user is prompted with a message stating that all files on the computer have been encrypted and is demanding ransom payments.
- The following operating systems are affected:
- Microsoft Windows Vista SP2
- Windows Server 2008 SP2 and R2 SP1
- Windows 7
- Windows 8.1
- Windows RT 8.1
- Windows Server 2012 and R2
- Windows 10
- Windows Server 2016
- Windows XP
Can I be affected?
Here is how you find out if a machine is exposed to the risk of being affected:
- Running any OS listed above
- Is missing security releases and Windows updates from march can be affected by WannaCry
- Has SMBv1 enabled
The obvious solution here is to either disable SMBv1 and patching all machines with the latest updates, but how can you quickly find out and ensure compliance of every machine in the network?
How vScope can help
With vScope up and running, organizations have full insight of every machine configuration across the whole datacenter. This enables organizations to take proactive measure to avoid issues by quickly finding outdated patches or as in this case, which machines that have SMBv1 enabled.
We have used the vScope product to create a customized dashboard with the patches needed for MS17-010, not sure what we would have done without this!
Don Arnold, Abington Jefferson Health
Quickly minimize the impact of WannaCry by…
Just accessing a prebuilt report, listing all machines that might be at risk
Build a table of the patch status of your machines to better overview the patch status
Evaluate and understand current how current patching is done by looking at changes