There is currently a worldwide security alert associated with the latest ransomware attack – ‘WannaCry’. Media coverage has been heightened as the exploit itself was originally discovered by the NSA in the US. Further newsworthiness was added when the first notified attack caused major issues with UK National Health computers.
\nThe issue affects servers as well as PC\u2019s and laptops. End user devices and Terminal (RDS) Servers are at greatest risk as the delivery method is via email to the user.<\/p>\n
Microsoft released fixes for weakness this ransomware exploits back in early March and they were also included in subsequent updates in April and May. Kinetics KARE clients with devices on Core Fundamentals or Total KARE had fixes approved and pushed out within 12 hours of their release in March<\/strong>.<\/p>\n Kinetics was alerted to the new attack on Saturday morning. Throughout Saturday, day and night, our team tracked the relevant security releases and ensured they had been pushed out wherever possible.<\/p>\n Kinetics KARE Ready Reaction clients do not have their patching proactively managed by Kinetics. However, given the high degree of this alert, we have pushed out a patch automation to those devices. Users may find that they run slow for the first 30 minutes after logging in.<\/p>\n [header2 text=”What can your staff do?” align=”left” color=”#336A40″ margintop=””]<\/p>\n It\u2019s important to note that the delivery method is similar to other ransomware. That is, an email is received which has a link in the email body or a in a Word\/PDF attachment. It\u2019s recommended all staff are reminded not to activate macros in Word documents received over the internet and not to follow links unless they are sure they are legitimate<\/strong>.<\/p>\n Kinetics also asks that staff be reminded that, when they receive a popup message from the Kinetics KARE Team asking them to restart their PC to install important updates or alerting that their PC has not been restarted for X days, they need to shut down and restart their device as soon as possible<\/strong>.<\/p>\n As a further precaution it\u2019s advised that everyone does a restart on their PC\/laptop at least once a week. Occasionally shutting down does not allow patches to complete their install. A restart at lunchtime or the end of the day has a positive impact on successful patch installations.<\/p>\n [header2 text=”Which patch protects you?” align=”left” color=”#336A40″ margintop=””]<\/p>\n Any device that has any one of the \u201cSecurity Monthly Quality Rollup for X\u201d or the \u201cCumulative Update for Windows 10 Version X\u201d for March, April or May installed is protected.<\/p>\n The major patch numbers are:<\/p>\n Windows 7 SP1:<\/strong> KB4012215, KB4012212, KB4015549, KB4019264 [header2 text=”What happens on Monday 15 MAY 2017?” align=”left” color=”#336A40″ margintop=””] Clients with KARE Ready Reaction on their Laptops\/PC\u2019s will be checked and if we detect issues Kinetics will contact you for permission to investigate and resolve issues.<\/p>\n Clients that do not have KARE on their end points and who want their system checked should contact support or their account manager to arrange a job.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":" There is currently a worldwide security alert associated with the latest ransomware attack – ‘WannaCry’. Media coverage has been heightened as the exploit itself was originally discovered by the NSA in the US. Further newsworthiness was added when the first notified attack caused major issues with UK National Health computers. The issue affects servers as […]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-2105","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/2105","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2105"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/2105\/revisions"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2105"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2105"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2105"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nWindows Server 2008 R2 SP1:<\/strong> KB4012215, KB4012212, KB4019264
\nWindows Server 2012:<\/strong> KB4012214, KB4012217,KB4015551, KB4019216
\nWindows 8.1:<\/strong> KB4012216, KB4012213, KB4015550, KB4019215
\nWindows Server 2012 R2:<\/strong> KB4012216, KB4012213, KB4019215
\nWindows SMB Server:<\/strong> KB4012598
\nWindows 10:<\/strong> KB4013429, KB4012606, KB4013198, KB4016871, KB4019472<\/p>\n
\nPC\/laptops are at the greatest risk, as are Terminal (RDS) and Citrix servers. Kinetics will continue to check all Core Fundamental and Total KARE devices for missing patches and forcing their install. Remember – if you have Core Fundamentals or Total KARE on your PC\/Laptops, you have been protected since March. Kinetics is managing this for you and will continue to do so.<\/p>\n