You are probably aware of the computer virus, WannaCry, which caused havoc across the UK and 150 countries last Friday.
This was a particularly nasty virus which combined standard ransomware, using an infected Microsoft Office Document attachment, with a worm virus. For a user opening an infected attachment, this not only meant their files were encrypted, it enabled the virus to self-replicate and infect other computers on the same network, without user interaction. This explains why the virus was particularly damaging within the NHS.
Whilst we are pleased that most of our clients have not been affected, it has reinforced the importance of patching. Last week’s worm exploited a Windows vulnerability known to the NSA in the US and leaked into the Public Domain last month. In fact, Microsoft had released patches for this in March, when they became aware of the vulnerability.
Since the attack, our major concern has been the infection of unpatched servers, particularly those managing backups. We urge all businesses to ensure their servers and workstations are patched to at least the March 2017 cumulative security update.
PCR is happy to discuss undertaking this for you as part of our proactive managed update service or to advise on any implications. There may be potential delays to servers coming back up in a timely manner so we recommend finding a suitable time to schedule these updates to reduce disruption.
For more information on the importance of patching, read our recent blog; Reinforce your Security with Software and Patch Updates.
If you have any questions or would like to discuss how PCR can help manage your patch updates, please do not hesitate to contact us.