Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
1085 posts

Uber Geek
+1 received by user: 216


  Reply # 1782568 15-May-2017 14:17
2 people support this post
Send private message quote this post

richms:

 

 

 

Its when people do stupid things like allow unsupported operating systems to browse the net or have email or be on the same lan as computers with customer data etc that the IT staff have to tell them no.

 

 

everyone is ignoring the REAL WORLD security issue is the user , not if the OS or if its patched or not.
Thats why fully patched Win7/10 PC's can get infected while unpatched/NEVER patched XP's can go without ever having infections/malware

 

Sure , better to be fully up to date with Win patches, but lets not pretend lack of updates is the cause of most malware infections .
When XP was current, most XP PC's I saw werent even doing winupdates: didnt cause meltdowns .

 

Last year, known Win7 update issues saw many thousands of Win7 PC's stop updating for several months, wasnt that big an issue (most didnt even notice).
There are still many XP PC's out there in NZ businesses. They arnt the big security issue. Users opening bogus emails & clicking on links & attachments is.

 

IT make suggestions , they cant dictate to management/owners .
They can choose to walk away from the job of course, its then someone else's issue, but nothing will have changed .

 

 


3 posts

Wannabe Geek


  Reply # 1782577 15-May-2017 14:42
Send private message quote this post

1101:

 

 

 

They arnt the big security issue. Users opening bogus emails & clicking on links & attachments is.

 



In this case a computer can still become infected without even opening an email


 
 
 
 


4875 posts

Uber Geek
+1 received by user: 2198

Subscriber

  Reply # 1782578 15-May-2017 14:45
Send private message quote this post

wpcharged:

 

In this case a computer can still become infected without even opening an email

 

 

Only if they are on a network that has been infected.

 

 





I reject your reality and substitute my own. - Adam Savage
 


gzt

8791 posts

Uber Geek
+1 received by user: 1149


  Reply # 1782663 15-May-2017 15:47
Send private message quote this post

and only if SMB1 is enabled.

Edit: on the target

3 posts

Wannabe Geek


  Reply # 1782664 15-May-2017 15:51
Send private message quote this post

Rikkitic:

 

wpcharged:

 

In this case a computer can still become infected without even opening an email

 

 

Only if they are on a network that has been infected.

 

 

 

 

 

 

"The worm functionality attempts to infect unpatched Windows machines in the local network. At the same time, it also executes massive scanning on Internet IP addresses to find and infect other vulnerable computers."

From the microsoft blog:
https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/

From what I understand that means it can infect unpatched systems on other networks which have TCP port 445 open.


gzt

8791 posts

Uber Geek
+1 received by user: 1149


  Reply # 1782672 15-May-2017 16:12
Send private message quote this post

One thing I'm not clear on yet. If the first machine is already patched when the ware runs on it, can it still infect unpatched machines?

6272 posts

Uber Geek
+1 received by user: 2730

Moderator
Trusted
Subscriber

  Reply # 1782674 15-May-2017 16:14
Send private message quote this post

gzt: One thing I'm not clear on yet. If the first machine is already patched when the ware runs on it, can it still infect unpatched machines?


Yes it can. I've tested this with a sample in a lab environment.




Michael Murphy | https://murfy.nz
Want to be with an epic ISP? Want $20 to join them too? Well, use this link to sign up to BigPipe!
The Router Guide | Electric KiwiCommunity UniFi Cloud Controller | Ubiquiti Edgerouter Tutorial


4875 posts

Uber Geek
+1 received by user: 2198

Subscriber

  Reply # 1782683 15-May-2017 16:44
Send private message quote this post

Are there likely to be many machines, even older ones, that are both unpatched and have port 445 open? The initial attack vector seems to have been an executable in an email attachment masquerading as a zip file by using a double extension. This is straight out of hacking 101 from the 1990s. It doesn't seem very sophisticated to me. On the other hand, it has obviously been pretty effective.

 

 





I reject your reality and substitute my own. - Adam Savage
 


261 posts

Ultimate Geek
+1 received by user: 55


  Reply # 1782703 15-May-2017 17:46
Send private message quote this post

Rikkitic:

 

Are there likely to be many machines, even older ones, that are both unpatched and have port 445 open? The initial attack vector seems to have been an executable in an email attachment masquerading as a zip file by using a double extension. This is straight out of hacking 101 from the 1990s. It doesn't seem very sophisticated to me. On the other hand, it has obviously been pretty effective.

 

 

 

 

 

 

any pc using a modem or them old adsl card that got put into pc when adsl first came out.

 

 

 

edit: and maybe a  USB tethered phone using direct apn 

 

 

 

edit 2 : ipv6 setup by someone not knowing what they are doing


1046 posts

Uber Geek
+1 received by user: 231

Subscriber

  Reply # 1783058 16-May-2017 12:39
Send private message quote this post

Rikkitic:

 

 I just tried the link again and it works fine. It also worked several times earlier today. It takes you to a page where you can choose a patch for your specific OS version. You can choose to patch only the vulnerability, or do a roll-up for the month.

 

 

 

 

There is no patch for my version of Windows 10 (1703). 

 

Was it included in Insider Preview 15063?





Life is too short to remove USB safely.




16542 posts

Uber Geek
+1 received by user: 1929

Trusted

  Reply # 1783072 16-May-2017 12:42
One person supports this post
Send private message quote this post

I'm quite sure I don't want to drive a smart car or live in a smart house or fly in a smart plane.

 

That way I won't be at risk of being held ransom in my car, house or halfway into the stratosphere, just because someone, somewhere, forgot to apply/didn't make a patch every 2 days.


4875 posts

Uber Geek
+1 received by user: 2198

Subscriber

  Reply # 1783074 16-May-2017 12:43
Send private message quote this post

Does Win 10 require patching? I thought it wasn't vulnerable.

 

 





I reject your reality and substitute my own. - Adam Savage
 


4875 posts

Uber Geek
+1 received by user: 2198

Subscriber

  Reply # 1783077 16-May-2017 12:49
One person supports this post
Send private message quote this post

joker97:

 

I'm quite sure I don't want to drive a smart car or live in a smart house or fly in a smart plane.

 

That way I won't be at risk of being held ransom in my car, house or halfway into the stratosphere, just because someone, somewhere, forgot to apply/didn't make a patch every 2 days.

 

 

In an unsmart car you can always have a heart attack and wipe out a dozen smart car passengers. Your unsmart house may burn down around you while you are sleeping. There are no more unsmart planes. The pilots are just there for ballast.

 

 





I reject your reality and substitute my own. - Adam Savage
 


Departed
10219 posts

Uber Geek
+1 received by user: 4371

Trusted
Subscriber

  Reply # 1783078 16-May-2017 12:49
Send private message quote this post

Rikkitic:

 

Does Win 10 require patching? I thought it wasn't vulnerable.

 

 

 

 

 

 

If you a up to date you have been patched, you are however still vulnerable 





Mike
Retired IT Manager. 
The views stated in my posts are my personal views and not that of any other organisation.

 

 

 

Take My Advice, Pull Down Your Pants And Slide On The Ice!

 

 


1798 posts

Uber Geek
+1 received by user: 843


  Reply # 1783081 16-May-2017 13:04
Send private message quote this post

joker97:

 

I'm quite sure I don't want to drive a smart car or live in a smart house or fly in a smart plane.

 

That way I won't be at risk of being held ransom in my car, house or halfway into the stratosphere, just because someone, somewhere, forgot to apply/didn't make a patch every 2 days.

 

 

You're still liable to die from some other programmer's (i.e. excluding security) mistake in most cars and planes. Or some mistake by a mechanical or aerodynamics or whatever designer.

 

 


1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Nothing nebulous about Microsoft’s cloud-transition
Posted 21-Jul-2017 15:34


We’re spending more on tech, but not as much as Australians
Posted 21-Jul-2017 11:43


Endace announces EndaceFabric for network-wide packet recording
Posted 20-Jul-2017 20:49


Acorn 6: MacOS image editing for the rest of us
Posted 20-Jul-2017 17:04


HTC faces backlash over keyboard pop-up ads
Posted 19-Jul-2017 15:53


BNZ adds Visa credit cards to Android Pay wallet
Posted 18-Jul-2017 19:44


Still living in a Notification hell – Om Malik
Posted 18-Jul-2017 13:00


Duet Display uses iPad to extend Mac, PC
Posted 18-Jul-2017 10:58


PC sales could be worse
Posted 17-Jul-2017 07:34


Crypto-currencies, tulips, market bubbles
Posted 17-Jul-2017 06:38


NZ Tech Podcast: Big batteries, solar cars, cold war, IoT
Posted 16-Jul-2017 16:53


Vodafone Australia mulls Wisp alliance, NZ implications
Posted 13-Jul-2017 16:49


Rural health professionals see fibre pay-off
Posted 13-Jul-2017 11:52


Vodafone announces expansion of $5 Daily Roaming
Posted 13-Jul-2017 10:20


Intel unveils powerful Intel Xeon Scalable processors
Posted 12-Jul-2017 20:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.