Old Windows PCs can stop WannaCry ransomware with new Microsoft patch

Ken Copeland
May 15, 2017

Britain's home secretary said one in five of 248 National Health Service groups had been hit.

(AP Photo/Matt Dunham). An exterior view shows the main entrance of St Bartholomew's Hospital, in London, one of the hospitals whose computer systems were affected by a cyberattack, Friday, May 12, 2017. A large cyberattack crippled computer systems at hospitals across England on Friday, with appointments canceled, phone lines down and patients turned away.

Here are things to know about the ransomware attack.

The malware, using a technique purportedly stolen from the US National Security Agency, stopped care in hospitals across the United Kingdom, affected Russia's ministry of interior and infected company computer systems in countries from Eastern Europe to the US and Asia. He told GeekWire in an email exchange that Friday's attack appears to fit this description. Dozens of countries were hit with a huge cyberextortion. It's nice of Microsoft to make this security update broadly available, but it's also imperative for Redmond to do so - after all, the reputation of Windows is on the hook.

But many companies and individuals haven't installed the fixes yet, or are using older versions of Windows that Microsoft no longer supports and didn't fix.

Microsoft released fixes for the vulnerability in March, but computers that didn't run the update were subject to the ransom attack.

For instance, the Conficker virus, which first appeared in 2008 and can disable system security features, also spreads through vulnerabilities in internal file sharing.

UFC title fight ends in beautifully awkward marriage proposal
Fighting in Rio de Janeiro for the first time in 2012, Andrade was set to take on Duda Yankovich at Bitetti Combat 12. In addition to the leg kicks, Jedrzejczyk's jab was a frequent weapon, occasionally followed by the straight right.

Almirola in stable condition after scary crash, held overnight for observation
Richard Petty Motorsports said in a statement Sunday that Almirola was mobile and returning to his home in North Carolina. As the lone driver for Richard Petty Motorsports this season, his health is of the utmost importance for the No. 43 team.

Bradley scores 29, Celtics power past Wizards, 123-101
In the first half alone he had three blocks at the rim, denying Wall twice on drives to the basket for what appeared to be layups. He wasn't bad by any means on Wednesday night, by the way - just a part of his team's machine as opposed to its cog.

Computers infected with WannaCry will have their data encrypted, and display a ransom note demanding $300 or $600 in bitcoin to free the files. As a post on TechNet points out: "The exploit code used by WannaCrypt was created to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack". "WannaCry" relies on an exploit discovered by the NSA and leaked by a hacker collective known as The Shadow Brokers back in April; if the exploit was disclosed and patched in a timely manner, this epidemic could have been prevented.

Once a vulnerable PC becomes infected, the computer will attempt to spread to other machines over the local network as well as over the internet. Many groups were affected by the attacks because machines had not had updated versions of Windows or had versions that Microsoft was no longer offering patches for. An unidentified young cybersecurity researcher claimed to help halt WannaCry's spread by activating a so-called "kill switch". "It's one of the first times we've seen a large worldwide global campaign", said Chris Camacho, chief strategy officer for Flashpoint, a cyber-intelligence company.

More than 45,000 WannaCrypt attacks have been recorded around the world, including in the UK, US, Russia, Ukraine, India, China, Italy, Spain, and Egypt. According to the report, a researcher who identified himself as MalwareTech and works for Kryptos logic stopped the attack.

His move may have saved governments and companies millions of dollars and slowed the outbreak before US -based computers were more widely infected.

Affected users can restore their files from backups, if they have them, or pay the ransom; otherwise they risk losing their data entirely.

British cybersecurity expert Graham Cluley doesn't want to blame the NSA for the attack. Because they could have done something ages ago to get this problem fixed, and they didn't do it, Cluley said.

Other reports by Guamnewswatch

Discuss This Article