The analogy only works if the gun manufacturer leaves them loaded and abandoned on the sidewalk.

This attack vector has been in old software for ages so the loaded and abandoned gun was on the sidewalk because NSA dropped it into the middle of the walk for a criminal to use instead rusting in the bushes where it's been for years. It's much too simplistic just to blame MS for this.

 

Hello,
Sorry to rain on anyone parade..but ransomeware isn't limited to MS...attacks Linux as well..,

 

https://support.microsoft.com/en-in...r-2008-r2,-windows-8,-and-windows-server-2012

 

Hello,
Sorry to rain on anyone parade..but ransomeware isn't limited to MS...attacks Linux as well..,

Right, most of the few Linux 'Ransomware' attacks are stupid or are fakes.
https://labs.bitdefender.com/2015/11/linux-ransomware-debut-fails-on-predictable-encryption-key/

– Never run applications that you don’t completely trust as root user. This is a great security risk that will likely compromise your machine or the integrity of the data on it;
– Backup early, backup often. If your computer falls victim to ransomware, it would be better to simply restore the affected files from an earlier backup than to pay the decryption fee. Remember that easy money is the primary driver for crypto-ransomware operators to build these Trojans and perfect them in time. The less profit they make, the lower their interest in developing crypto-ransomware.

https://www.bleepingcomputer.com/ne...ed-to-install-the-fairware-ransomware-attack/

Duo Security went on to say that they saw no indication that the files were encrypted or even backed up anywhere before being deleted. Therefore, this appears to be a scam where the attackers are trying to scare you into paying the ransom, but will not be providing the deleted files.

 

Hello,
Sorry to rain on anyone parade..but ransomeware isn't limited to MS...attacks Linux as well..,

Extraordinary claims require extraordinary evidence.

 

https://support.microsoft.com/en-in...r-2008-r2,-windows-8,-and-windows-server-2012

Ha! And you guys think Linux administration is hard.

 

https://blogs.microsoft.com/on-the-...cyberattack/#sm.0009w7bg3162kdvrv311by73ublnf

Finally, this attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

 

http://www.telegraph.co.uk/technolo...latest-authorities-warn-day-chaos-ransomware/

Vladimir Putin has blamed the US for the global cyber attack that has crippled computer systems around the world since Friday.

The cyber attack, which wreaked havoc at dozens of NHS trusts on Friday, has continued to spread, hitting thousands of computers in China and Japan.

Putin said Russia had "nothing to do" with the attack and blamed the US for creating the hacking software that affects Microsoft computers.

 

http://www.telegraph.co.uk/technolo...latest-authorities-warn-day-chaos-ransomware/

Sauce for the goose.

 

I've got Windows 7 which is vulnerable so where can I get an update for the security?

If you have automatic updates enabled, you should have gotten the update in March.
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft also provided patches for some unsupported versions; e.g. WinXP

 

If you have automatic updates enabled, you should have gotten the update in March.
https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Microsoft also provided patches for some unsupported versions; e.g. WinXP

I checked Microsoft's site and automatic updates for Windows 7 were discontinued in October of 2016.

I've also checked the list of available updates on my computer and it says "No new updates found". So as of October of 2016, my computer has not been updated at all. Prior to 2016, updates were sent to my computer automatically and all I need to do was click the "install" button and everything worked OK.

Now that automatic updates have been discontinued, where/how can I get more updates (especially for the latest ransomware)?

 

I checked Microsoft's site and automatic updates for Windows 7 were discontinued in October of 2016.

I've also checked the list of available updates on my computer and it says "No new updates found". So as of October of 2016, my computer has not been updated at all. Prior to 2016, updates were sent to my computer automatically and all I need to do was click the "install" button and everything worked OK.

Now that automatic updates have been discontinued, where/how can I get more updates (especially for the latest ransomware)?

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

 

there are ways to avoid a ransom ware attack
http://www.stuff.co.nz/technology/9...cyber-attack-malware-and-ransomware-explained
https://www.lifehacker.com.au/2017/...was-mostly-preventable-heres-how-to-avoid-it/

 

[T]here are ways to avoid a ransom ware attack...

I would certainly hope so!

 

Now that automatic updates have been discontinued, where/how can I get more updates (especially for the latest ransomware)?

This page has links for Win7 updates for WannaCry.
https://support.microsoft.com/en-us/help/4013389/title

To find it, I googled for "KB4012598 windows 7".

 

https://theintercept.com/2017/05/16...eak-militarism-and-greed/?comments=1#comments

Microsoft also did not create WannaCry. But it did create something something nearly as bad: Windows Vista, an operating system so horrendously bloated, broken, and altogether unpleasant to use that many PC users back in 2007 skipped upgrading altogether, opting instead to stick with the outdated Windows XP, a decision that has left many people on that decade-and-a-half-old operating system even today, years after Microsoft stopped updating it.

 

https://www.proofpoint.com/us/threa...eading-for-weeks-via-eternalblue-doublepulsar

Over the subsequent weekend, however, we discovered another very large-scale attack using both EternalBlue and DoublePulsar to install the cryptocurrency miner Adylkuzz. Initial statistics suggest that this attack may be larger in scale than WannaCry, affecting hundreds of thousands of PCs and servers worldwide: because this attack shuts down SMB networking to prevent further infections with other malware (including the WannaCry worm) via that same vulnerability, it may have in fact limited the spread of last week’s WannaCry infection.

Symptoms of this attack include loss of access to shared Windows resources and degradation of PC and server performance. Several large organizations reported network issues this morning that were originally attributed to the WannaCry campaign. However, because of the lack of ransom notices, we now believe that these problems might be associated with Adylkuzz activity. However, it should be noted that the Adylkuzz campaign significantly predates the WannaCry attack, beginning at least on May 2 and possibly as early as April 24. This attack is ongoing and, while less flashy than WannaCry, is nonetheless quite large and potentially quite disruptive.

In this attack, Adylkuzz is being used to mine Monero cryptocurrency. Similar to Bitcoin but with enhanced anonymity capabilities, Monero recently saw a surge in activity after it was adopted by the AlphaBay darknet market, described by law enforcement authorities as “a major underground website known to sell drugs, stolen credit cards and counterfeit items.” Like other cryptocurrencies, Monero increases market capitalization through the process of mining. This process is computationally intensive but rewards miners with funds in the mined currency, currently 7.58 Moneros or roughly $205 at current exchange rates.

 

This page has links for Win7 updates for WannaCry.
https://support.microsoft.com/en-us/help/4013389/title

To find it, I googled for "KB4012598 windows 7".

How do I actually install this update?

All of the previous updates were sent automatically and had instructions on how to start the installation.

 

How do I actually install this update?

All of the previous updates were sent automatically and had instructions on how to start the installation.

By following various links that the previous link referenced, I found these:
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012212
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012215

The latter has downloads for Win7 32/64:

As does the former:

 

https://www.bleepingcomputer.com/ne...ven-nsa-hacking-tools-wannacry-used-just-two/

Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two.

The worm's existence first came to light on Wednesday, after it infected the SMB honeypot of Miroslav Stampar, member of the Croatian Government CERT, and creator of the sqlmap tool used for detecting and exploiting SQL injection flaws.

EternalRocks uses seven NSA tools
The worm, which Stampar named EternalRocks based on worm executable properties found in one sample, works by using six SMB-centric NSA tools to infect a computer with SMB ports exposed online. These are ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE, andETERNALSYNERGY, which are SMB exploits used to compromise vulnerable computers, whileSMBTOUCH and ARCHITOUCH are two NSA tools used for SMB reconnaissance operations.

Once the worm has obtained this initial foothold, it then uses another NSA tool, DOUBLEPULSAR, to propagate to new vulnerable machines.