Update #2: May 15, 2017
Ransomware worm that takes advantage of a vulnerability in the Windows operating system remains a threat.
Please see the below PDF for a copy of an urgent security alert message from NYU CIO Len Peters. This message, relating to steps you should take to protect the data on Windows computers from the ransomware attack, was distributed to the entire NYU community via email on May 14 at 11:07pm ET. Should you have any questions or concerns about this message or the instructions it contains, please contact the NYU IT Service Desk, open 24×7: www.nyu.edu/it/servicedesk.
[gview file=”https://wp.nyu.edu/itsecurity/wp-content/uploads/sites/2398/2017/05/len_peters_memo_051417.pdf”]
Update #1: May 12, 2017
The following links will assist in determining which patch to apply, and both provide patch downloads: http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598 or http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012212
Additional Resources:
https://krebsonsecurity.com/2017/05/u-k-hospitals-hit-in-widespread-ransomware-attack/
https://www.nytimes.com/2017/05/12/world/europe/international-cyberattack-ransomware.html
Original post: May 12, 2017
A new ransomware worm, dubbed Wanna DecryptoR 2.0 and #WannaCry, has been spreading quickly throughout locations around the world. Particularly hard hit was the UK National Health Service (NHS). The malware spreads via a malicious link in an email phishing message and takes advantage of a vulnerability in the Windows operating system that was identified by the NSA and released by the hacking group “Shadow Brokers” several weeks ago. The good news is that Microsoft has already patched this vulnerability back in March. For more information on ransomware, read this article in Connect https://wp.nyu.edu/connect/2016/09/22/ransomware-scams/
You should take this opportunity to make sure that your Windows systems are patched and up to date, and if you have not restarted your computer recently, do so, to ensure that any applied patches take effect.