nanog mailing list archives
Re: Please run windows update now
From: Joe <jbfixurpc () gmail com>
Date: Sat, 13 May 2017 00:07:39 -0500
One word. Linux. After this we'll probably see (yet more) additional processes running on windows boxes safe guarding against issues like this, forcing windoze users to upgrade memory/processor/disk space. I, for one, am not looking at Windoze 10 S as it locks too many applications needed for work to the Windoze store. Getting kind of ridiculous if you ask me. -Joe On Fri, May 12, 2017 at 11:56 PM, Keith Medcalf <kmedcalf () dessus com> wrote:
Well, this one was patched (or more accurately, undone). Perhaps. Maybe. How many other "paid defects" do you estimate there are in Microsoft Windows waiting to be exploited when discovered (or disclosed) by someone other than the "Security Agency" buying the defect? Almost certainly more than just this one ... and almost certainly there is more than a single "payor agency" independently purchasing the deliberate introduction of code defects. -- ˙uʍop-ǝpısdn sı ɹoʇıuoɯ ɹnoʎ 'sıɥʇ pɐǝɹ uɐɔ noʎ ɟı-----Original Message----- From: Nathan Brookfield [mailto:Nathan.Brookfield () simtronic com au] Sent: Friday, 12 May, 2017 22:48 To: Keith Medcalf Cc: nanog () nanog org Subject: Re: Please run windows update now Well it was patched by Microsoft of March 14th, just clearly people running large amounts of probably Windows XP have been owned. Largely in Russia. Nathan Brookfield Chief Executive Officer Simtronic Technologies Pty Ltd http://www.simtronic.com.au On 13 May 2017, at 14:47, Keith Medcalf <kmedcalf () dessus com> wrote: The SMBv1 issue was disclosed a year or two ago and never patched. Anyone who was paying attention would already have disabled SMBv1. Thus is the danger and utter stupidity of "overloading" the function of service listeners with unassociated road-apples. Wait until the bad guys figure out that you can access the same "services" via a connection totheDNS port (UDP and TCP 53) on windows machines ... -- ˙uʍop-ǝpısdn sı ɹoʇıuoɯ ɹnoʎ 'sıɥʇ pɐǝɹ uɐɔ noʎ ɟı-----Original Message----- From: NANOG [mailto:nanog-bounces+kmedcalf=dessus.com () nanog org] OnBehalfOf Karl Auer Sent: Friday, 12 May, 2017 18:58 To: nanog () nanog org Subject: Re: Please run windows update nowOn Fri, 2017-05-12 at 10:30 -0800, Royce Williams wrote: - In parallel, consider investigating low-hanging fruit by OU (workstations?) to disable SMBv1 entirely.Kaspersky reckons the exploit applies to SMBv2 as well: https://securelist.com/blog/incidents/78351/wannacry-ransomware-used-in-widespread-attacks-all-over-the-world/ I thought it was a typo in para 2 and the table, but they emailed back saying nope, SMBv2 is (was) also broken. However, they also say (same page) that the MS patch released in March this year fixes it. Assuming they are right, I wonder why Microsoft didn't mention SMBv2? Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Karl Auer (kauer () biplane com au) http://www.biplane.com.au/kauer http://twitter.com/kauer389 GPG fingerprint: A52E F6B9 708B 51C4 85E6 1634 0571 ADF9 3C1C 6A3A Old fingerprint: E00D 64ED 9C6A 8605 21E0 0ED0 EE64 2BEE CBCB C38B
Current thread:
- Please run windows update now Ca By (May 12)
- Re: Please run windows update now Alexander Maassen (May 12)
- Re: Please run windows update now Royce Williams (May 12)
- Re: Please run windows update now Karl Auer (May 12)
- RE: Please run windows update now Keith Medcalf (May 12)
- Re: Please run windows update now Nathan Brookfield (May 12)
- RE: Please run windows update now Keith Medcalf (May 12)
- Re: Please run windows update now Joe (May 12)
- RE: Please run windows update now Keith Medcalf (May 12)
- Re: Please run windows update now Rich Kulawiec (May 14)
- Re: Please run windows update now valdis . kletnieks (May 15)
- RE: Please run windows update now Eliezer Croitoru (May 15)
- Re: Please run windows update now Randy Bush (May 15)
- Re: Please run windows update now Rich Kulawiec (May 15)
- Re: Please run windows update now Randy Bush (May 15)
- Re: Please run windows update now bzs (May 15)
- Re: Please run windows update now valdis . kletnieks (May 15)
- Re: Please run windows update now William Waites (May 15)
- Re: Please run windows update now Royce Williams (May 12)
- Re: Please run windows update now Alexander Maassen (May 12)