Tag / SMBv1

A couple of days ago, I published a free tool to scan your Active Directory for all Windows based Systems and report if the EternalBlue (WannaCry) related Hotfixes are installed.   Today, I published a new and extended version of the tool: The scan is much more accurate and it also reports the EternalBlue (WannaCry) related […]

Read More

A few days ago, I published an article about a script that could scan all systems within an Active Directy for missing WannaCry-related Microsoft Patches (Hotfixes). I was impressed by the traffic and the feedback! To be honest: When I started the script, it was just a kind of a quick hack! Based upon several […]

Read More

WannaCrypt ransomware appeared on May 12, 2017 and distributes itself like a typical worm. It uses well known, and already patched vulnerabilities in the SMBv1 implementation of Windows based systems. The Exploit that the WannaCrypt ransomware is known as “EternalBlue” vulnerability (CVE-2017-0145). It sends a special package (or packages) to the target systems SMBv1 server. […]

Read More

Many think it is safe now, because someone found a kill-switch. That is wrong, totally wrong! The WannaCry wave is not over. some even talk about a newer version that seems to have another password an doesn’t use the known kill-switch. But it looks like these derivates are using the same way (SMBv1 Vulnerability) to redistribute […]

Read More

I recently published an article and a gist howto disable SMBv1 with PowerShell and DSC. Now some asked if there is an easy way to do that and to avoid the DSC usage.

Read More

Close your account?

Your account will be closed and all data will be permanently deleted and cannot be recovered. Are you sure?