Microsoft has released a security update through Windows Update that fixes CVE-2018-0986, a vulnerability in the Microsoft Malware Protection Engine used in Windows Defender, Microsoft Security Essentials, Microsoft Endpoint Protection, Windows Intune Endpoint Protection, and Microsoft Forefront Endpoint Protection. Users should install the latest updates to install the fixes.
On Jan 3 Microsoft released updates addressing these vulnerabilities for the following operating systems with more to come:
Windows Server 2008 R2
Windows Server 2012 R2
Windows Server 2016
Windows Server Core
We are not recommending you install these during business hours or without Technical assistance as there are reports of systems failing to boot patch as of today
Microsoft has released an out of out of band security update for Windows Defender found on Windows 7, 10 and Server 2008. If you are running a third Party Anti Virus solution your version of Windows Defender will be disabled. If not you should run Windows Update to ensure you apply the update ASAP.
Today security experts are warning of the continued spread of WCry and of numerous variants being released over the weekend.
Typical of Any Ransomware users should be vigilant with any emails that could be carrying a payload or be links to a payload. At this point Microsoft has not ruled out any attack vectors:
We haven’t found evidence of the exact initial entry vector used by this threat, but there are two scenarios we believe are highly possible for this ransomware family:
- Arrival through social engineering emails designed to trick users to run the malware and activate the worm-spreading functionality with the SMB exploit
- Infection through SMB exploit when an unpatched computer can be addressed in other infected machines
Microsoft has released a patch for Operating systems going as far back as XP:
Windows update MS17-010
Mainstream support for Vista ended in April 2012, Extended support is ending April 11, 2017 which means no further security updates or paid support. With no updates the use of Windows Vista is not advices and we recommend all personal and business computers be updated to Windows 7 or Windows 10.
Microsoft’s Universal APP Remote Desktop has been updated with desktop scaling options. With high DPI notebooks and two in ones (Surface etc.) becoming more popular this is a welcome feature to help prevent your remote session from being barely readable. The new feature can be found in settings:
Microsoft Remote Desktop Preview is available here: Microsoft Store
Microsoft has announced the Windows 10 Anniversary Update to be released on August 2nd. Included in this update are a significant number of improvements and new features. With the free upgrade for Windows 10 ending on July 29th, it is recommended that all users of Windows 7 or Windows 8 register for the free Windows 10 license as they can perform the update at a later date.