WannaCry Exploit Could Infect Windows 10

msm1267 writes: EternalBlue, the NSA-developed attack used by criminals to spread WannaCry ransomware last month, has been ported to Windows 10 by security researchers. The publicly available version of EternalBlue leaked by the ShadowBrokers targets only Windows XP and Windows 7 machines. Researchers at RiskSense who created the Windows 10 version of the attack were able to bypass mitigations introduced by Microsoft that thwart memory-based code-execution attacks. These mitigations were introduced prior to a March security update from Microsoft, MS17-010, and any computer running Windows that has yet to install the patch is vulnerable. You can read the researchers' report here (PDF), which explains what was necessary to bring the NSA exploit to Windows 10.

Re:WAIT, WAIT

If you allow windows update to do its job*.
But considering a great many morons out there think disabling updates = "I'm a man now! I stopped microsoft!".
Well they are at risk.

M$'s continual bandaid solutions continue to fail

[Indy1]

Bullshitware like UAC (which stops zero malware in just about every security study I've read), or secure boot, or any other number of "security" theater that M$ comes up with, they all end up failing horribly.

There's no substitute for designing things securely.

Re: WAIT, WAIT

Real men use Linux.

Unpatched OS is vulnerable to modern exploits

Film at 11.

Look, if you bent over backwards (because you have to bend over backwards, to prevent W10 from updating itself without so much as asking) to disable updates, and then didn't bother to check and manage updates yourself... then what did you frickin' expect to happen?