WannaCry|WannaDecrypt0r patching notes on Windows Servers platforms

So we just finished rolling out updates to a bunch of our Windows 2012 R2 servers, right in time for the WannaCry malware breakout, which exploits a vulnerability on smbv1 protocol.  If you haven’t been keeping up with security patches, these are the list of patch that you need to get for Windows Server 2012 R2, and Windows 8.1.

If you’re on Window Server 2012 R2, install these prerequisites if you haven’t :

As for Windows 2008 R2, you need to have:

If you’re one of those unfortunate guys that stuck with Windows 2003 boxen, you need to have:

And then the patches:

You need to install KB2919442 first, then KB2919355, and then either KB4012213 or KB4012216. If you can’t patch yet, then follow these instructions to disable smbv1 on your system. Keep in mind that this will also shut off the file server function from clients using Windows Server 2003 and XP workstations.

As for patching the rest of your horde of windows machines, go here, or here, if you’re stuck with Windows Server 2003 and XP. And last but not least, test the patch first.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s