WannaCry: Patch Ufficiali per Windows (tutte le versioni) da Microsoft Technet

WannaCry Malware Official Patches - All Windows Versions from Microsoft Technet

Se vi siete imbattuti in questo articolo molto probabilmente avrete già sentito parlare del malware denominato Ransom:Win32/WannaCrypt, meglio noto come WannaCry, recentemente salito ai vertici della notorietà internazionale a causa delle decine di migliaia di sistemi colpiti in ogni parte del mondo... E volete sapere se il vostro sistema è protetto oppure no.

Per farla breve, è molto probabile che siate già immunizzati... a patto di aver effettuato regolarmente gli aggiornamenti del sistema: la SMB Vulnerability Jump, ovvero il tallone d'achille del sistema operativo che è stato utilizzato dal Ransomware per  effettuare l'attacco, è stata risolta da una patch ufficiale Microsoft rilasciata quasi due mesi prima (marzo 2017) e distribuita attraverso il servizio Windows Update.

Nel caso in cui non abbiate ancora effettuato l'aggiornamento, o se volete essere certi di non averlo saltato, è decisamente consigliabile che spendiate alcuni minuti del vostro tempo per scaricare e installare la patch relativa al vostro sistema, che potete trovare collegandovi a questa pagina Technet ufficiale (MS17-010 Jump) oppure al termine di questo articolo. Le patch sono state rilasciate per tutte le principali versioni di Windows: Windows 10, Windows Server 2003, Windows Server 2008, Windows Server 2012, Windows Server 2012 R2 e Windows Server 2016.

Non appena avete aggiornato il vostro sistema, se volete adottare delle contromisure ulteriori potete procedere nel seguente modo, seguendo i consigli di quest'altro articolo Technet:

  • Controllare che il vostro PC sia effettivamente immune tramite questo script Powershell, che verifica che tutte le patch necessarie siano presenti nel sistema.
  • Bloccare le connessioni SMB in ingresso (Porta 445) con il vostro Firewall (o con il Firewall integrato di Windows).
  • Aggiornate il vostro sistema operativo all'ultima versione (Windows 10, Windows Server 2012/2016) così da avere una protezione migliore (Credential Guard, Device Guard, Memory Protections, Secure Kernel, VBS, Edge Browser etc)

Per informazioni aggiuntive su questo particolarissimo malware, consigliamo la lettura di questi articoli pubblicati rispettivamente su MMPC, FireEye e Technet:

Se invece avete bisogno di un ripasso sui Ransomware (cosa sono, come riconoscerli, come proteggersi) non possiamo che rimandarvi alla lettura di quest'altra serie di articoli pubblicata qualche settimana fa su questo stesso blog:

Per concludere, ecco un elenco piuttosto esaustivo di tutte le patch pubblicate finora per i sistemi Windows.

Emergency Security Updates / Fixes for Windows XP, Windows Server 2003, Windows 8 RT

Microsoft Catalog link: KB4012598

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

Direct Links

Windows XP SP2 x64

http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe

Windows XP SP3 x86

http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-custom-enu_eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe

Windows 8 x64

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows8-rt-kb4012598-x64_f05841d2e94197c2dca4457f1b895e8f632b7f8e.msu

Windows 8 x86

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/05/windows8-rt-kb4012598-x86_a0f1c953a24dd042acc540c59b339f55fb18f594.msu

Windows Server 2003 SP2 x64

http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe

Windows Server 2003 SP2 x86

http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x86-custom-enu_f617caf6e7ee6f43abe4b386cb1d26b3318693cf.exe

Windows XP Embedded SP3 x86

http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-embedded-custom-enu_8f2c266f83a7e1b100ddb9acd4a6a3ab5ecd4059.exe

Quella che segue è la lista ufficiale Technet, aggiornata al 15 maggio 2017.

SMB Vulnerability Jump - Affected Systems and Patches/Updates - Official Technet List

Operating System Windows SMB Remote Code Execution Vulnerability – CVE-2017-0143 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0144 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0145 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0146 Windows SMB Information Disclosure Vulnerability – CVE-2017-0147 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0148 Updates Replaced
Windows Vista
Windows Vista Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Vista x64 Edition Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 for x64-based Systems Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 for Itanium-based Systems Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows 7
Windows 7 for 32-bit Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 7 for 32-bit Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows 7 for x64-based Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 7 for x64-based Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows 8.1
Windows 8.1 for 32-bit Systems
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 8.1 for 32-bit Systems
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows 8.1 for x64-based Systems
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 8.1 for x64-based Systems
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012
(4012214)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012
(4012217)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205409
Windows Server 2012 R2
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012 R2
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows RT 8.1
Windows RT 8.1[2]
(4012216)
Monthly Rollup
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows 10
Windows 10 for 32-bit Systems [3]
(4012606)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210720
Windows 10 for x64-based Systems [3]
(4012606)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210720
Windows 10 Version 1511 for 32-bit Systems [3]
(4013198)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210721
Windows 10 Version 1511 for x64-based Systems [3]
(4013198)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210721
Windows 10 Version 1607 for 32-bit Systems [3]
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986
Windows 10 Version 1607 for x64-based Systems [3]
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986
Windows Server 2016
Windows Server 2016 for x64-based Systems [3]
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986
Server Core installation option
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows Server 2012 (Server Core installation)
(4012214)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012 (Server Core installation)
(4012217)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205409
Windows Server 2012 R2 (Server Core installation)
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012 R2 (Server Core installation)
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows Server 2016 for x64-based Systems [3](Server Core installation)
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986

Per il momento è tutto: felice patch!

About Ryan

IT Project Manager, Web Interface Architect e Lead Developer di numerosi siti e servizi web ad alto traffico in Italia e in Europa. Dal 2010 si occupa anche della progettazione di App e giochi per dispositivi Android, iOS e Mobile Phone per conto di numerose società italiane. Microsoft MVP for Development Technologies dal 2018.

View all posts by Ryan

One Comment on “WannaCry: Patch Ufficiali per Windows (tutte le versioni) da Microsoft Technet”

  1. Pingback: WannaCry: come controllare se il proprio sistema Windows è protetto

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *


Il periodo di verifica reCAPTCHA è scaduto. Ricaricare la pagina.

Questo sito usa Akismet per ridurre lo spam. Scopri come i tuoi dati vengono elaborati.