Jump to content

Microsoft patches Windows XP to fight 'WannaCry' attacks

Jody Thornton

By Jody Thornton
in Windows XP

 Share

Recommended Posts


Dibya

Dibya

Posted
Posted

2k/XP/2k3 it self is immune . WannaCry virus sub system ver of PE is 6.1 also it need NTFS transaction api to work which does not exists in any Nt 5.x system .

The virus will not work so no screenshot of infected XP exists in web . <Offer against the rules removed>

SMB 1 vulnerability fully cannot effect Nt 5.x donot believe me compare 7 and XP patch under IDA

Link to comment
Share on other sites
roytam1

roytam1

Posted
Posted
2 hours ago, Dibya said:

2k/XP/2k3 it self is immune . WannaCry virus sub system ver of PE is 6.1 also it need NTFS transaction api to work which does not exists in any Nt 5.x system .

The virus will not work so no screenshot of infected XP exists in web . <Offer against the rules removed>

SMB 1 vulnerability fully cannot effect Nt 5.x donot believe me compare 7 and XP patch under IDA

Wine has no NTFS related API but it still runs and encrypts files.

Link to comment
Share on other sites
Dibya

Dibya

Posted
Posted (edited)
12 hours ago, roytam1 said:

Wine has no NTFS related API but it still runs and encrypts files.

It seems to be highly developed virus . I am talking about transaction api of ntdll. Stubs for those do exist in wine 

Edited by Dibya
Link to comment
Share on other sites
Dibya

Dibya

Posted
Posted (edited)
2 hours ago, JodyT said:

So if I were running XP or Windows 2000 on a FAT32 partition (which I actually did back in the day), are you saying I'd be immune to Wanna cry(pt)?

Nope I am talking about nt6.x api of ntdll that do NTFS transaction 

EDIT : NtCommitTransaction this is the api needed by WannaCry v 2.0 but WannaCry v 1.0 can infect even nt 4.0 so be aware .

Edited by Dibya
Link to comment
Share on other sites
sdfox7

sdfox7

Posted
Posted

I'd love to know why this KB4012598 update hasn't been pushed out to Automatic Updates. It seems like that would be a good idea given the scale of the infections.

Back in May 2014, you will recall KB2964358 was pushed out via Automatic Updates, to patch the zero-day exploit on Internet Explorer.

nohpupd.jpg

1
Link to comment
Share on other sites
Tripredacus

Tripredacus

Posted
Posted

It indicates that there is a fair amount of private contracts with companies that are still paying for extended support on XP. More-so than to make patches specifically available to those companies and it would be easier to make it available on the enterprise level of update support, the WSUS catalog and the MS Catalog update site.

Link to comment
Share on other sites
FranceBB

FranceBB

Posted
Posted (edited)

Speaking of which, Avast reported 201,138 blocked Wannacrypt infections in 112 countries. That's pretty impressive.

Edit: 20/05/2017

It escalated quickly to over 250,000. It just doesn't seem to stop.

Edited by FranceBB
Updating data
1
Link to comment
Share on other sites
Dibya

Dibya

Posted
Posted (edited)
12 hours ago, Sampei.Nihira said:

............So! XP wasn't to blame after all.............

:D

https://www.bleepingcomputer.com/news/security/over-98-percent-of-all-wannacry-victims-were-using-windows-7/

XP is not compatible with wannacry

Please guys and gals put this words everywhere like forums , facebook , youtuhe etc

Please protect XP from death 

Edited by Dibya
Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted
1 hour ago, JodyT said:

I was about to link to this.  It appears that a few of us need to line up face against the wall and prepare for a lashing.  Please whip gently :o

Nahh, I would find this more appropriate ;):

http://www.imdb.com/title/tt0079470/quotes?item=qt0471984

Now, seriously (and ironically ), on XP (IF the Wannacry thingy actually encrypted the files) you still have a teeny-tiny possibility to unencrypt them, something that there is NO chance you can do on Windows 10 (again IF the Wannacry thingy ran on it) thanks to the betterings the good MS guys implemented:

https://github.com/aguinet/wannakey

..and on 7, at least 32-bit version:

https://github.com/gentilkiwi/wanakiwi

https://blog.comae.io/wannacry-decrypting-files-with-wanakiwi-demo-86bafb81112d
 

jaclaz


 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...