A piece of malicious computer ransomware known as WannaCry is holding hostage troves of data across the globe, until their owners pay up. The hackers are still unknown but institutions and individuals across over 100 countries have been infected by more than 100,000 attacks.
The ransomware exploits a Windows vulnerability for which Microsoft released a patch but most older systems like Windows XP, Windows 2003 and more have failed to install it. Microsoft has acknowledged the great ransomware threat and issued security guidance for all Windows users on how to protect your data.
"Many of our customers around the world and the critical systems they depend on were victims of the malicious 'WannaCrypt' software," the company said in a blog post. "We are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack."
The company recommends all Windows 10 users to immediately deploy the Microsoft Security Bulletin MS17-010. A special update has also been released by them for customers using Windows Defender which will detect this ransomware threat.
The company also recommends updating your anti-virus software regardless of the company it belongs to, to its latest version. If organisations want to protect their network of computers, they have been advised to block legacy protocols on their networks.
As most Windows machines around the world are far from having the Windows 10 installed on their systems, Microsoft has issued manual patches for these versions. This means users still on these versions will have to manually download the patch, follow instructions and install the patch to fend off any ransomware threats. Below are the patches issued:
- Windows Server 2003 SP2 x64
- Windows Server 2003 SP2 x86
- Windows XP SP2 x64
- Windows XP SP3 x86
- Windows XP Embedded SP3 x86
- Windows 8 x86
- Windows 8 x64
This guidance is only a preventive measure. For systems that have already been affected by the ransomware, there is no decryption tool yet. Your only way to get your data back is to pay the ransom or wait for a decryption tool to arrive which is expected to take a long time.