input license here

4 effective measures to prevent WannaCry




Currently, many businesses and even large corporations are facing problems related to WannaCry malware. Know the dangers and damages of WannaCry malware. In the following article, BKNS will provide detailed instructions WannaCry prevention measures for your reference.



Measures against WannaCry

Measures against WannaCry



1. Do not click to open document files from strange emails



Do not click to open document files from strange emails

Avoid WannaCry by not clicking to open document files from strange emails



WannaCry malware is often hidden in PDF files, Word documents or other files, they are sent to your email or via secondary infection located on the affected computer, providing a backdoor to execution. attack action. So the way prevention of WannaCry As well as to ensure the safety of your computer, you should be careful when receiving emails with document files or other strange links sent to emails on social networking sites or chat tools, ..


2. Update your anti-virus software



Update anti-virus software

Protect your computer by updating your anti-virus software



Most copyrighted antivirus software has updated data to remove the WannaCry malicious code. Therefore, if you have or do not have a copyrighted anti-virus software on your computer, you should immediately download and update the latest version of an anti-virus software to ensure your computer is safe and secure. Wannacry Prevention be effective.


>> Learn more: [TOP 5] The most effective website code scanning tool 2020


3. Temporarily turn off the SMB service in the computer



Temporarily turn off the SMB service in the computer

Temporarily turn off the SMB service in the computer



If you cannot immediately update the operating system patch, you can also turn off firewall rules for File Sharing services according to the following instructions:


Access Windows Firewall with Advanced Security in Windows in two ways:



  • Method 1: Press the key combination Window + R, type msc

  • Way 2: On Control Panel, press System and Security next open Windows Firewall. At this time, a window will appear on the computer screen Windows Firewall with Advanced Security.


Temporarily turn off the SMB service in the computer 1Cửa sổ Windows Firewall with Advanced Security


In the menu on the left, you choose Inbound Rules, you find the rule File and Printer Sharing (NB-Session-In) and File and Printer Sharing (SMB-In)


Temporarily turn off the SMB service in the computer 2


If the comment is showing green, it means it is enabled, then right-click and select Disable Rule.


4. Update OS patch



Update OS patch

Prevent WannaCry by updating OS patches



WannaCry malware is capable of solving Windows vulnerabilities through TCP ports 445 and 139. The vulnerabilities on Windows operating system announced by Microsoft include:



  • Eclipsed Wing (MS08-067)

  • EternalSynergy (MS17-010)

  • EducatedScholar (MS09-050)

  • EsikmoRoll (MS14-068), EternalRomance (MS17-010)

  • ErraticGopher (Vulnerability on Windows Vista)

  • EternalChampion (CVE-2017-0146 and CVE-2017-0147)

  • EmeraldThread (MS10-06)

  • EternalBlue (MS17-010)


To prevent WannaCry attacks through these vulnerabilities, you need to immediately update the Windows operating system patches. Currently, Microsoft has released patches for the vulnerabilities of these services. You update the patch for the operating systems according to the corresponding version such as:



You need to download the file based on the appropriate operating system version and then start running the downloaded file to update the patch for the vulnerabilities exploited by the WannaCry malware.


In addition, WannaCry is also a solution for zero-day vulnerability through SNMP protocol protocol so that hackers do not need remote verification to execute arbitrary code or reboot the system. Therefore, for systems using Cisc-related devices, users only need to update the patches related to the zero-day vulnerability.


In there:



  • Zero-days are unresolved or unknown software or hardware vulnerabilities.

  • SNMP protocol - application layer protocol in Cisco ASA software

  • Cisco ASA is a security appliance that combines with a firewall for intrusion prevention and virus prevention


So the article on BKNS sent you detailed instructions WannaCry prevention measures for your reference. If you have any questions during the research process, please leave a comment below for immediate support. Don't forget to visit the website bkns.vn Read on for more helpful articles.


>> Learn more about New generation security measures exclusively for Linux-based web servers Imunify360


Related Posts
Diệp Quân
Nguyen Manh Cuong is the author and founder of the vmwareplayerfree blog. With over 14 years of experience in Online Marketing, he now runs a number of successful websites, and occasionally shares his experience & knowledge on this blog.
SHARE

Related Posts

Subscribe to get free updates

Post a Comment

Sticky