WannaCrypt ransomware attack

WannaCrypt ransomware is attacking computers SMB EternalBlue vulnerability
which sends custom packets to SMBv1 servers

The WannaCrypt crypt files and demand ransome for decrypting.


WannaCrypt attacks following systems:

  • Windows XP 32-bit
  • Windows XP 64-bit
  • Windows XP Embedded
  • Windows Vista 32-bit
  • Windows Vista 64-bit
  • Windows Server 2003 32-bit
  • Windows Server 2003 64-bit
  • Windows Server 2008 32-bit
  • Windows Server 2008 64-bit


The exploit code used by WannaCrypt was designed to work only against unpatched Windows 7 and Windows Server 2008 (or earlier OS) systems, so Windows 10 PCs are not affected by this attack.

Unsupported versions of Windows have a sizable market share still. While stats are not 100% accurate, Net Market Share sees Windows XP at a market share of about 7% in April 2017, and Vista at about 0.70%. This means that every 14th or so device runs an unsupported client version of Windows. It is unclear how the situation looks like for Server operating systems.

Still, Microsoft's release of the patch ensures that companies, and home users, may patch their devices to protect them against the attack. One effect of patching systems is that this will also prevent the security threat from spreading faster or further.

The updates can be found here



Tilføj kommentar