'Accidental Hero' Finds Kill Switch To Stop Wana Decrypt0r Ransomware

"An 'accidental hero' has halted the global spread of the WannaCry ransomware that has wreaked havoc on organizations..." writes The Guardian. An anonymous reader quotes their report: A cybersecurity researcher tweeting as @malwaretechblog, with the help of Darien Huss from security firm Proofpoint, found and implemented a "kill switch" in the malicious software that was based on a cyber-weapon stolen from the NSA. The kill switch was hardcoded into the malware in case the creator wanted to stop it from spreading. This involved a very long nonsensical domain name that the malware makes a request to -- just as if it was looking up any website -- and if the request comes back and shows that the domain is live, the kill switch takes effect and the malware stops spreading. Of course, this relies on the creator of the malware registering the specific domain. In this case, the creator failed to do this. And @malwaretechblog did early Friday morning (Pacific Time), stopping the rapid proliferation of the ransomware.
You can read their first-person account of the discovery here, which insists that registering the domain "was not a whim. My job is to look for ways we can track and potentially stop botnets..." Friday they also tweeted a map from the New York Times showing that registering that domain provided more time for U.S. sites to patch their systems. And Friday night they added "IP addresses from our [DNS] sinkhole have been sent to FBI and ShadowServer so affected organizations should get a notification soon. Patch ASAP."

UPDATE: Slashdot reader Lauren Weinstein says some antivirus services (and firewalls incorporating their rules) are mistakenly blocking that site as a 'bad domain', which allows the malware to continue spreading. "Your systems MUST be able to access the domain above if this malware blocking trigger is to be effective, according to the current reports that I'm receiving!"

How can I tell if I am fully patched?

[jonwil]

I am on Windows 7 Home Premium and have all the patches Windows Update offers me (including "Security Monthly Quality Rollup for Windows 7 for x64-based Systems" dated for May, April, March, January, December, November and October), am I patched?

Also, given how many exploits target these Microsoft networking protocols (NetBIOS, SMB etc) and given that I dont actually need to use these protocols for anything, is there a way to turn them off so they aren't exposed to the outside world?

Re: Here's how it works(in Radiology)

Most radiology scanner manufacturers require that the device be connected to the internet so that they can download system logs and troubleshoot problems. It is usually via a VPN. Some of the scanners that I know of have workstations as part of the device. The system is usually the physical scan device, an acquisition computer and a processing computer. They are configured so the technologist can be post processing one scan while another is being acquired. The national accreditation agencies require that radiology dosage reports be sent via the internet to be summarized and to help develop standard protocols. The data is anonamized before transmission.

In summary no one expects computers to be reliable it's all about cost. Even for the same manufacturer the MRI, CT and IR scanners may not be compatible. Usually the software development is outsourced. The device is FDA approved with a specific configuration. There are required directory exceptions for Anti-virus scans.
Sorry way too much information