Currently, many businesses and even large corporations are facing problems related to WannaCry malware. Know the dangers and damages of WannaCry malware. In the following article, BKNS will provide detailed instructions WannaCry prevention measures for your reference.
Measures against WannaCry
1. Do not click to open document files from strange emails
Avoid WannaCry by not clicking to open document files from strange emails
WannaCry malware is often hidden in PDF files, Word documents or other files, they are sent to your email or via secondary infection located on the affected computer, providing a backdoor to execution. attack action. So the way prevention of WannaCry As well as to ensure the safety of your computer, you should be careful when receiving emails with document files or other strange links sent to emails on social networking sites or chat tools, ..
2. Update your anti-virus software
Protect your computer by updating your anti-virus software
Most copyrighted antivirus software has updated data to remove the WannaCry malicious code. Therefore, if you have or do not have a copyrighted anti-virus software on your computer, you should immediately download and update the latest version of an anti-virus software to ensure your computer is safe and secure. Wannacry Prevention be effective.
>> Learn more: [TOP 5] The most effective website code scanning tool 2020
3. Temporarily turn off the SMB service in the computer
Temporarily turn off the SMB service in the computer
If you cannot immediately update the operating system patch, you can also turn off firewall rules for File Sharing services according to the following instructions:
Access Windows Firewall with Advanced Security in Windows in two ways:
- Method 1: Press the key combination Window + R, type msc
- Way 2: On Control Panel, press System and Security next open Windows Firewall. At this time, a window will appear on the computer screen Windows Firewall with Advanced Security.
Cửa sổ Windows Firewall with Advanced Security
In the menu on the left, you choose Inbound Rules, you find the rule File and Printer Sharing (NB-Session-In) and File and Printer Sharing (SMB-In)
If the comment is showing green, it means it is enabled, then right-click and select Disable Rule.
4. Update OS patch
Prevent WannaCry by updating OS patches
WannaCry malware is capable of solving Windows vulnerabilities through TCP ports 445 and 139. The vulnerabilities on Windows operating system announced by Microsoft include:
- Eclipsed Wing (MS08-067)
- EternalSynergy (MS17-010)
- EducatedScholar (MS09-050)
- EsikmoRoll (MS14-068), EternalRomance (MS17-010)
- ErraticGopher (Vulnerability on Windows Vista)
- EternalChampion (CVE-2017-0146 and CVE-2017-0147)
- EmeraldThread (MS10-06)
- EternalBlue (MS17-010)
To prevent WannaCry attacks through these vulnerabilities, you need to immediately update the Windows operating system patches. Currently, Microsoft has released patches for the vulnerabilities of these services. You update the patch for the operating systems according to the corresponding version such as:
You need to download the file based on the appropriate operating system version and then start running the downloaded file to update the patch for the vulnerabilities exploited by the WannaCry malware.
In addition, WannaCry is also a solution for zero-day vulnerability through SNMP protocol protocol so that hackers do not need remote verification to execute arbitrary code or reboot the system. Therefore, for systems using Cisc-related devices, users only need to update the patches related to the zero-day vulnerability.
In there:
- Zero-days are unresolved or unknown software or hardware vulnerabilities.
- SNMP protocol - application layer protocol in Cisco ASA software
- Cisco ASA is a security appliance that combines with a firewall for intrusion prevention and virus prevention
So the article on BKNS sent you detailed instructions WannaCry prevention measures for your reference. If you have any questions during the research process, please leave a comment below for immediate support. Don't forget to visit the website bkns.vn Read on for more helpful articles.
>> Learn more about New generation security measures exclusively for Linux-based web servers Imunify360
My name is Thinh Hanh, currently the CEO of BKNS. I will provide you with information technology services and network solutions in the fastest and most effective way.
Post a Comment
Post a Comment