WannaCry Exploit Could Infect Windows 10 (threatpost.com)

Posted by BeauHD on Tuesday June 6, 2017 @10:40AM from the brace-yourself dept.

msm1267 writes: EternalBlue, the NSA-developed attack used by criminals to spread WannaCry ransomware last month, has been ported to Windows 10 by security researchers. The publicly available version of EternalBlue leaked by the ShadowBrokers targets only Windows XP and Windows 7 machines. Researchers at RiskSense who created the Windows 10 version of the attack were able to bypass mitigations introduced by Microsoft that thwart memory-based code-execution attacks. These mitigations were introduced prior to a March security update from Microsoft, MS17-010, and any computer running Windows that has yet to install the patch is vulnerable. You can read the researchers' report here (PDF), which explains what was necessary to bring the NSA exploit to Windows 10.

4 of 52 comments (clear)

Min score:

Reason:

Sort:

WAIT, WAIT by JustAnotherOldGuy · 2017-06-06 10:47 · Score: 3, Interesting

But Microsoft said that Windows 10 was "the safest Windows ever", EVER!

--
Just cruising through this digital world at 33 1/3 rpm...
1. Re:WAIT, WAIT by Opportunist · 2017-06-06 10:59 · Score: 3, Funny
  
  That's like being the best dressed hobo.
  
  --
  We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Re:And Monkeys COULD fly outta my butt by jfdavis668 · 2017-06-06 10:52 · Score: 4, Funny

You still use Windows ME?
M$'s continual bandaid solutions continue to fail by Indy1 · 2017-06-06 10:59 · Score: 4, Insightful

Bullshitware like UAC (which stops zero malware in just about every security study I've read), or secure boot, or any other number of "security" theater that M$ comes up with, they all end up failing horribly.
There's no substitute for designing things securely.

--
Lawyers, MBA's, RIAA? A jedi fears not these things!