We Know You Don’t WannaCry

By now you likely know that WannaCry is a malicious widely distributed ransomware variant that is wreaking havoc over enterprise IT. The most important thing to know is that Microsoft has issued patches for nearly every flavor of the Windows operating system (including Windows XP) to prevent any further attacks.

Since AV (even next-gen AV) and other security tools have not been very effective at mitigating the WannaCry threat, our advice to our customers is to ensure you have a complete inventory of every Windows instance and its respective patch level. This will enable you to identify which Windows instances in your environment are still vulnerable so you could focus your energies on finding and patching them.

To help you accomplish this, we’re offering Lakeside customers several complimentary dashboards that can help you identify Windows instances that are at risk of being infected by WannaCry or other security threats:

  • Security Patch Details: We’ve developed a new kit, Patch Summary Kit, that provides details on security patches based on operating system. It also provides details for a specific patch if you know the patch’s KB or definition. The details include if the security patch was installed in a system and which patch it was. This kit provides clear and precise data to help users remain safe.
  • Risk Score: SysTrack provides a risk score in Risk Visualizer. The risk score is an uncapped integer that takes into account all potential ways a system may be vulnerable. Risk Visualizer allows you to view the risk scores of all systems in your environment to easily identify systems of concern. A higher risk score implies that your system is at greater risk of attack.

You can use the table below in conjunction with the Patch Summary kit to check whether a security patch has been applied to systems with the corresponding OS. An example of this feature is shown in a screenshot taken of the kit.

Operating System (Version Number) Security Patch KB
Windows XP KB4012598
Windows Vista KB4012598
Windows Server 2008 KB4012598
Windows 7 KB4012212
Windows Server 2008 R2 KB4012212
Windows 8 KB4012598
Windows 8.1 KB4012213
Windows Server 2012 KB4012214
Windows Server 2012 R2 KB4012213
Windows 10 (1511) KB4013198
Windows 10 (1607) KB4012606
Windows Server 2016 KB4013429

Our goal at Lakeside is to help keep our customers’ end users productive. We hope that by providing these risk management and compliance dashboards, we can help IT departments continue to improve organizational digital experience.

2 thoughts on “We Know You Don’t WannaCry”

Leave a Reply

Your email address will not be published. Required fields are marked *