1. How to verify that MS17-010 is installed. Content provided by Microsoft. The WannaCrypt ransomware is exploiting one of the vulnerabilities that is part of the MS17-010 update. Computers that do not have MS17-010 installed are at heightened risk because of several strains of malware. Download link: Windows 7 and Server 2008.
2. Microsoft releases WannaCrypt patch for Windows XP, Server 2003 By Juha Saarinen on May 14, 2017 9:00AM 'Highly unusual' step to protect users against NSA-derived ransomware.

Running Windows 7 Professional. It appears that the proper patch/update for me to protect against the wannacrypt virus is KB4012215. I reviewed my Windows Update history and see that I tried to in.

Windows 7 Wannacrypt Patch

Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. Microsoft worked throughout the day to ensure we understood the attack and were taking all possible actions to protect our customers. This blog spells out the steps every individual and business should take to stay protected. Additionally, we are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today.

Details are below:

• In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
• For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider, that they are protected.
• This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks).

We also know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download (see links below).

Customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March. If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible.

This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind.

Some of the observed attacks use common phishing tactics including malicious attachments. Customers should use vigilance when opening documents from untrusted or unknown sources. For Office 365 customers we are continually monitoring and updating to protect against these kinds of threats including Ransom:Win32/WannaCrypt. More information on the malware itself is available from the Microsoft Malware Protection Center on the Windows Security blog. For those new to the Microsoft Malware Protection Center, this is a technical discussion focused on providing the IT Security Professional with information to help further protect systems.

We are working with customers to provide additional assistance as this situation evolves, and will update this blog with details as appropriate.

Other Operating Systems:

Windows 7 Wannacrypt Patch Download

Last week, an unprecedented ransomware attack began locking up thousands of computers in more than 150 countries. The so-called WannaCrypt malware leverages a Windows vulnerability known as EternalBlue that leaked last month when a group known as Shadow Brokers posted a bunch of hacking tools that allegedly belonged to the NSA. Microsoft issued a patch for the flaw in March, but many organizations failed to keep up or are running older versions of Windows for which Microsoft no longer issues patches.

But with some security experts estimating the number of infected systems at 200,000, Microsoft is taking the “highly unusual” step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003.

Windows XP’s continued popularity and the fact that Microsoft hasn’t officially supported the operating system since 2014 makes it an obvious target for hackers. According to data analytics companies StatCounter and Net Applications, somewhere between 5% to 7% of Windows PCs still run XP.
As Ars Technica notes, this is possibly the first time ever that Microsoft has issued a patch for a product decommissioned so long ago. The last time that happened it was an emergency patch for Windows XP but merely a week after official support for the operating system ended in 2014.

Microsoft says they are working with customers to provide additional assistance as this situation evolves, and that they’ve made this decision to patch unsupported version based on an assessment of the situation, with the principle of protecting their customer ecosystem overall.

You can download Microsoft’s WannaCrypt Hotfix for Windows XP, 8 and Windows Server 2003 here.