Jump to content
rsc204

Major flaw in Windows systems... make sure you've patched it.

52 posts in this topic Last Reply

Recommended Posts

This morning I found this good news. A trio of french computer engineers found a way to stop "WannaCry". They posted a patch here and is in english just for you.
The article spoke of this patch as something to do with RAM (? from me).

Good luck !

Share this post


Link to post
Share on other sites
  • Original Poster
  • I'd be cautious about that, because just the information you posted throws up red flags.

    Anything in RAM is cleared when you switch off your PC, so that won't fix anything, it's not persistent.

    The flaw was fixed officially by Microsoft, why would you install a 3rd party patch from an unknown source?

    They say they found a way to stop it, well that's not new either. The way the original exploit was created, it had an emergency "kill switch" if you will. No one is sure why, but presumably because someone wanted a way to stop the spread of this nasty from getting out of hand. Sadly, other hackers now using the same exploit may not be so sensible, variants are already being seen in the wild.

    The latest information seems to suggest it was not Windows XP that allowed this problem to spread. It was unpatched Windows 7 machines mostly behind the problem. I can believe that, since the number of people on this site alone that refuse to install updates, a fall out from the GWX (Get Windows 10) nagware. In addition to MS adding Spyware like telemetry to Windows Update made a lot of people loose trust in MS.

    However, it's time to accept that if you don't patch your machine, you could be in big, big trouble. So if you know what you are doing, you take your chances and it's on you if it goes wrong. If you don't, there is only one sane course of action:

    • Step 1
      Update Windows and keep it up-to date. This is your best protection against all sort of attacks that could cause problems. That sadly includes upgrading to a newer version of Windows when support runs out for your existing system. Otherwise switching to another system with security updates.
    • Step 2
      Install and use anti-virus software. You don't need to pay for it, just have something. Personally I've been using the free Microsoft one a long time and couldn't be happier.
    • Step 3
      This really can not be understated. Have a backup of your important data. Think to yourself, what could you stand to loose if the worst happened? Anything that doesn't come into that category should be stored off your PC somewhere safe, just in case. This is nothing to do with Viruses/Malware per-se, but just simple common sense insurance against a number of potential problems.

    Share this post


    Link to post
    Share on other sites
    1 hour ago, rsc204 said:

    The flaw was fixed officially by Microsoft


    One that works ? As you may noticed I tried 6 patches with no luck. Even the famous (unfamous) MS17-010 one.

     

    1 hour ago, rsc204 said:

    This really can not be understated. Have a backup of your important data.

    What "important data" ? Where ? How ? I've copied the whole C: hard disk into an unconnected hard disk. It's that enough ? I don't think so, since an infected site (mine), wouldn't repair the hard drive with the backup files.
    Then again, why would THEY would want to attack a site like this one ?

    Share this post


    Link to post
    Share on other sites

    @rsc204: Thank You very much for Your theme. I very simply solved the problem of updates through Your link. I work with XP and have no official links to upgrade. You helped me - Thanks again and good luck!!!

    Share this post


    Link to post
    Share on other sites
  • Original Poster
  • 1 hour ago, huzman said:

    One that works ? As you may noticed I tried 6 patches with no luck. Even the famous (unfamous) MS17-010 one.

    Something could be wrong with your Windows Update system. I linked before to a solution to fix this:

    On 15/05/2017 at 1:06 AM, rsc204 said:

    I did notice this after installing the patch on my XP machines as well, but Windows Update has had this flaw for a long time. You might find this information helpful.

    The other possibility is that you simply didn't download the correct patch for your specific OS. Although I would expect an error rather than it just not responding.

    1 hour ago, huzman said:

    What "important data" ? Where ? How ?

    The data that is important to you, that could be anything. The question is too expansive for a single answer that covers all scenarios. For example, a backup on an external drive might be sufficient for some people. Others may decide multiple redundant backups are necessary. They key here is knowing what data you find important and knowing you have it safe.

    So let's for example take your example of an external HDD as a backup. Something goes wrong and you have lost all data on your PC. Whilst picking up the drive to plug it in to restore your data, you drop it and break the external drive, what now? Unlikely, sure, possible, you bet - if it happens your data could be toast.

    That's where redundancy comes into play. Having multiple backups using different systems and even different locations for them. Each one will decrease the possibility of the worst case scenario happening to your data. Of course, it can get troublesome and expensive depending on how far you go. So you have to evaluate what's necessary for your own piece of mind based on the value of your files. But for example, keeping those files most important to you both on external storage and on an online file storage service would likely be sufficient for most.

    1 hour ago, huzman said:

    So what's your answer ? What patch ?

    The official MS one. I wouldn't trust anything else. If you can't install it, you need to fix that problem first.

    Share this post


    Link to post
    Share on other sites

    @rsc204: I apologize. 

    I worked with Your link and tried the link from my antivirus. For Windows XP SP3 x32(86) runs Your link only. Link from my antivirus program not gives me a link to Windows XP !!! I will try to protect my second comp (HP Laptop) with Win 8.1 tomorrow. If I only have some time ... *:lol:

    Thank You once more... *:thumb:

    Share this post


    Link to post
    Share on other sites

    It appears that the exploit for ransomware has been activated again!

    ransomware-microsoft-vulnerability-june-2017

    Please patch up if you have not done so. It has been reported on multiple news sites and that it seems that the patch aforementioned for Wannacry has been effective in stopping the spread of the ransomware.

    So... Please Patch up if you have not done so. You don't want to be left in the dark.

    -eggman121

    Share this post


    Link to post
    Share on other sites
    18 hours ago, Eggman121 said:

    It appears that the exploit for ransomware has been activated again!

    This is getting epidemic, ain't it.
    I have tried to patch up my XP3 several times with several patches. No luck.
    But then again, why those cretins would want to hack ST? Like someone said, this site is not a priority

    Share this post


    Link to post
    Share on other sites

    It might make sense to remove SMB v1 ( it is an SMB v1 exploit if I'm not mistaken after all ) through "add/remove windows components" (or so) in addition to patching.

    Also renaming VSSAdmin.exe might be a good idea as well since ransomwares usually use it to get rid of shadow copies (that you can use to restore some files)

    Share this post


    Link to post
    Share on other sites
    On 14/05/2017 at 4:40 AM, rsc204 said:

    Failure to patch your system could lead to infection in the form of a blackmail scam, where your entire hard drive's files are encrypted, so you can no longer access them. The scammers are then demanding between $300-$600 to "unlock" these files for your PC. Of course, being scammers, they can't be trusted. Almost certainly your computer would be compromised in other ways. There is also no real guarantee you'll get your files back. The only solution that's safe is to fully wipe your drive and restore from a backup, assuming you have one. So you could loose all your data if you get caught out.

    Lol, I fell for it once.

    The funny thing is that I kept it at bay for month without even realizing, I always close the running processes that I don't recognize or have a funny name.

    One day I got a window with two buttons, a yes and a cancel, if I click cancel, the window keeps popping out again and again until I click yes, how do I know? I clicked yes, I knew that it was fishy but still clicked yes, and instantly most my files became encrypted by a ransomware, luckily I always keep back up on external hard drives. 

    Share this post


    Link to post
    Share on other sites

    Stay safe, always keep a backup on more than one external hard drive, don't forget to regurally scan your hard drives and your computer, and make sure not to download from anywhere.

    Share this post


    Link to post
    Share on other sites
  • Original Poster
  • 35 minutes ago, IL. said:

    One day I got a window with two buttons, a yes and a cancel, if I click cancel, the window keeps popping out again and again until I click yes, how do I know?

    Well the simple fact that as a user, knowing the window itself shouldn't be there, should raise alarm bells. It's safer to switch off the PC than click yes or even cancel, because nothing stops someone from programming the cancel button to do something nasty.

    If you ever get such a popup, click nothing. Try to cancel the application through Task Manager. If that fails, hit the reset or power button of your PC. Having got rid of the window (hopefully), perform a full virus scan at this point. If it doesn't return, you are probably alright. If you see it again, you are infected, your A/V software can't help and your best bet is getting a Linux Live CD or AV suite that runs outside of the operating system to clean it. In the meantime disconnect your internet (physically if need be, power off the router), and avoid using the computer at all with your usual OS. So if you need to download tools, use another machine to do that, it's much safer.

    Share this post


    Link to post
    Share on other sites
    1 hour ago, rsc204 said:

    Well the simple fact that as a user, knowing the window itself shouldn't be there, should raise alarm bells. It's safer to switch off the PC than click yes or even cancel, because nothing stops someone from programming the cancel button to do something nasty.

    If you ever get such a popup, click nothing. Try to cancel the application through Task Manager. If that fails, hit the reset or power button of your PC. Having got rid of the window (hopefully), perform a full virus scan at this point. If it doesn't return, you are probably alright. If you see it again, you are infected, your A/V software can't help and your best bet is getting a Linux Live CD or AV suite that runs outside of the operating system to clean it. In the meantime disconnect your internet (physically if need be, power off the router), and avoid using the computer at all with your usual OS. So if you need to download tools, use another machine to do that, it's much safer.

    Yeah it was a very stupid mistake, I thought about it but my hand just went to the yes lol 

    I'm being very careful on the computer on which I have all my important stuff, but the other one I don't care, I'd just formate it gets some serious problems.

    The best bet is to always back up your stuff and to be careful not download from anywhere. 

    Thanks for the advice btw, I didn't know that they can do something to the cancel button 

    Share this post


    Link to post
    Share on other sites
    7 minutes ago, IL. said:

    I didn't know that they can do something to the cancel button

    They can do it to the little X in upper right corner if present and they want to. Even Microsloth used that method to install a virus Windoze 10 on unsuspecting peep's comps.

    Share this post


    Link to post
    Share on other sites

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an Account  

    Sign up to join our friendly community. It's easy!  

    Register a New Account

    Sign In  

    Already have an account? Sign in here.

    Sign In Now


    • Recently Browsing   0 members

      No registered users viewing this page.

    ×

    Help Keep Simtropolis Online, Open & Free!

    stexcollection-header.png

    Would you be able to help us catch up after a bit of a shortfall?

    We had a small shortfall last month. Your donation today would help us catch up for this month.

    Make a Donation, Get a Gift!

    We need to continue to raise enough money each month to pay for expenses which includes hardware, bandwidth, software licenses, support licenses and other necessary 3rd party costs.

    By way of a "Thank You" gift, we'd like to send you our STEX Collector's DVD. It's some of the best buildings, lots, maps and mods collected for you over the years. Check out the STEX Collections for more info.

    Each donation helps keep Simtropolis online, open and free!

    Thank you for reading and enjoy the site!

    More About STEX Collections