Dear Customer,
Many organizations around the world were victims of malicious “WannaCrypt” software last week. Seeing businesses and individuals affected by cyberattacks such as this is painful. Our teams have worked relentlessly over the last few days to take all possible actions to protect our customers.
Here are a few things for your reference:
If you are using Windows Vista, 7, 8.1 & 10: In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Security Update enabled are protected against attacks on this vulnerability.
For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
Activate Windows Defender: For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider whether they are protected.
If using older version of Windows: Customers running versions of Windows that no longer receive mainstream support may not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we have released a Security Update for platforms in custom support only. Windows XP, Windows 8 and Windows Server 2003 Security Updates are broadly available for download now (see links below).
Additional Steps to consider: This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect againstSMBv1 attacks, customers should consider blocking legacy protocols on their networks). Some of the observed attacks use common phishing tactics including malicious attachments. Customers should use vigilance when opening documents from untrusted or unknown sources.
More information on the malware is available from the Microsoft Malware Protection Center though the Windows Security blog. We are working with our customers to provide additional assistance as the situation evolves, and will update this blog with details as appropriate.https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
You may also want to read though the blog posted by Brad Smith, President and Chief Legal Officer, Microsoft, looking at the broader implications of the malicious “WannaCrypt” software attack.
If you have any questions or concerns:
· Webinar: You may want to join the Webinar on Wannacry Attack Q&A, 22nd May, 11am. Join here.
· Email: Please write to us atindiasms@microsoft.com. Our team will respond to you on priority.
Thanks and regards,
Microsoft India Team
Many organizations around the world were victims of malicious “WannaCrypt” software last week. Seeing businesses and individuals affected by cyberattacks such as this is painful. Our teams have worked relentlessly over the last few days to take all possible actions to protect our customers.
Here are a few things for your reference:
If you are using Windows Vista, 7, 8.1 & 10: In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Security Update enabled are protected against attacks on this vulnerability.
For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
Activate Windows Defender: For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider whether they are protected.
If using older version of Windows: Customers running versions of Windows that no longer receive mainstream support may not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we have released a Security Update for platforms in custom support only. Windows XP, Windows 8 and Windows Server 2003 Security Updates are broadly available for download now (see links below).
Additional Steps to consider: This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect againstSMBv1 attacks, customers should consider blocking legacy protocols on their networks). Some of the observed attacks use common phishing tactics including malicious attachments. Customers should use vigilance when opening documents from untrusted or unknown sources.
More information on the malware is available from the Microsoft Malware Protection Center though the Windows Security blog. We are working with our customers to provide additional assistance as the situation evolves, and will update this blog with details as appropriate.https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
You may also want to read though the blog posted by Brad Smith, President and Chief Legal Officer, Microsoft, looking at the broader implications of the malicious “WannaCrypt” software attack.
If you have any questions or concerns:
· Webinar: You may want to join the Webinar on Wannacry Attack Q&A, 22nd May, 11am. Join here.
· Email: Please write to us atindiasms@microsoft.com. Our team will respond to you on priority.
Thanks and regards,
Microsoft India Team
