Patch Windows Against WannaCrypt Ransomware

Earlier we posted an article about how you can defend your PC against WannaCrypt or WannaCry ransomware. At that time Microsoft had not released anything except the assurance that Microsoft Defender and Microsoft Security Essentials can protect your PC against WannaCrypt. But now Microsoft has released several patches to protect your Windows PC against the vulnerability that WannaCrypt uses in order to infect and propagate over a network. Since millions of Windows XP computers were also infected, Microsoft has released patches for Windows XP too.

There are two patches in general – one is meant for Windows 7 and Windows Server 2008 R2, the other patch is designed for Windows XP, Windows Vista, Windows 8 and Windows Server 2003. Installing these two patches will make sure that WannaCrypt or any other ransomware cannot make use of the SMB vulnerability to infect your PC. Windows 10 is supposedly not affected by this vulnerability.

You can download the patch KB4012598 for Windows XP, Windows Vista, Windows 8 and Windows Server 2003 by visiting http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598. Similarly, the patch KB4012212 for Windows 7 and Windows Server 2008 R2 can be downloaded from http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012212.

If you have automatic updates enabled in Windows and if you want to check whether these patches are already installed in your computer, then you can open an elevated command prompt window and give the following commands:

wmic qfe list | findstr KB4012212
wmic qfe list | findstr KB4012598

 

The first command is for Windows 7 and Windows Server 2008 R2. The second command is for Windows XP, Vista, 8 and Server 2003.

Patch Windows Against WannaCrypt

If nothing is displayed as a result of these commands, then you do not have the patch installed. However, if the patch is already installed then you will see one or two lines about the patch/hotfix. This is useful as this patch is also automatically installed with other cumulative patches. And if it is already installed, then you do not have to download it and manually install it.

More details about the Microsoft guidelines for protection against WannaCrypt ransomware can be viewed from https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/.

3 comments

  1. if you remove smb protocol from Windows features, then no patch is needed.
    99.99% windows users do not need that by default.

      1. what is connected with SMB 2 & ? Where to find those settings to remove it?
        I see only “SMB 1.0 CIF” and “SMB direct”?
        Do i miss something or you are just tooling the thema?

Comments are closed.