About WanaDecrypt0r

About WanaDecrypt0r

Postby bezeelev » 14.05.2017, 11:34

Hello and please forgive if the question is too simple to answer or too inept.

How should I check if wsusoffline has installed the MS17-010 update from March that secures against WanaDecrypt0r?

Both Windows Update and Microsoft have made it so difficult to tell what is installed and what is not, that I can't simply search by security bulletin IDs or even KB IDs. There is no tool for cross-referencing IDs from the MS KB and the ones listed in the Windows Update logs.

I hope there is a straightforward way to verify this. Thanks in advance.

Re: About WanaDecrypt0r

Postby aker » 14.05.2017, 15:02

Check, if your repo has been created after 2017-03-14 and run wsusou. If it does not report anything, you should be protected.
Also you might check, if C:\Windows\system32\drivers\mrxsmb10.sys has a change date, which is in Macrh 2017. If it doesn't even exist, your computer does not use the vulnerable protocol.
Wer Rechtschreibfehler findet, darf sie behalten oder an den Meistbietenden versteigern. / Everybody finding a misspelling is allowed to sell it.
Posts: 3287
Joined: 02.03.2011, 15:32
Location: %SystemRoot%\System32\Boot\winload.efi

Return to Verschiedenes / Miscellaneous

Who is online

Users browsing this forum: No registered users and 5 guests