“THANK YOU! I’ve been yelling into the wind about this since March. MS17-010 is the main update. Do NOT think you are safe if you have Windows update turned off. Everyone thinks they’re “giving it” to Microsoft by turning off Windows update, when in reality, you’re part of the problem.”
this “patch” business is nonsense.
ransomware programs execute as ordinary programs that need neither privileged access nor a “security hole” in order to function. They run just fine even in a limited user account that has zero privileged access. So I really don’t know what all of this “patch” nonsense is about.
For any windows system that has been “patched” or not, all one has to do is stupidly click the wrong link (or even worse, stupidly open an attachment) in an email and any ransomware program therein will land in the user’s temp file area and automatically execute, accessing every user data file with designated filetypes, reading said files and then writing them back with an unbreakable encryption.
If one has file shares that said user can access and/or usb attached files, then those get encrypted as well.
This has been going on for years. I had one client where one click of one email link encrypted every file on every file share for her entire business.
so-called antivirus programs basically just recognize signature patterns in the virus executable and if they haven’t seen a particular signature before then they are helpless.
microsoft systems are inherently insecure no matter how many “patches” they issue because they allow all users to execute any ordinary program from any location in the user’s file tree. even worse, by default, all users on a microsoft system are supersusers with full privileged access at all times.
microsoft systems can be secured only by making ordinary user accounts limited-privilege accounts by default, and taking all execute privilege from limited users except for programs that have been installed by the system itself into system areas of the file system that are not write-accessible by limited users, but microsoft refuses to do that.
As a consequence, almost all microsoft home systems are riddled with viruses sooner or later and most people find it cheaper to buy a new computer (with a new microsoft operating system and office program) than to have their system restored to factory state, all updates applied, all programs reinstalled and all data copied and restored. Thus, microsoft (and its oem partners) profit enormously from selling grossly unsecured systems, which means selling insecure systems is a deliberate profit-making strategy by microsoft.
every tiem the link is lcicked- it is nothign but a blank page, with a message such as the following, which gets updated each time you click hte link- to a new message
“Ya gotta feel sorry for all them convicts in New Hampshire, stampin’ out license plates that say Live free or Die. “
Always some stupid question, like “Why does a writer write, but fingers don’t fing?”
I had a ransomware attack about a year ago. It came from clicking on an insanely cute ad for animal pics. Now, I never click on *sponsored* links. I use AdBlockPlus and don’t see the ads.
I paid via credit card. When the bill came, the vendor was in China. I contested the payment, told them what had happened and that I was the victim of a cybermugging. They reversed the charges.
I added MalwareBytes after my husband cleaned my entire system and reinstalled everything. After this, I kept receiving “tech support” phone calls and emails, I guess so they could recoup their losses. I don’t answer or if I do, hang up when I identify them (by the Indian accents). I delete all spam without even looking at it.
A friend got ransomware literally out of nowhere. She had a browser window open, was in the work area of her office computer and out of nowhere, the thing froze, alarms, etc. She unplugged and took it in for repair. Most of her files were not recoverable.
These things lurk all over the Internet.
MS17-010 patches a flaw in the SMB protocol that allows it to be utilized to spread an infection faster. With the vulnerability present, an attack can spread very quickly across a network. With the protocol patched, the attack would be localized to a machine. Couple that with SMB1.0 being enabled on most Windows machine, and an attack can be devastating.
I’m not sure in what world you live where ransomware programs don’t need privileged access, but that’s exactly how they’re initiated. A seemingly innocuous file is executed in a Windows environment, and yes, if you’re a local administrator on your system, you elevate that program to allow it to run. If, however, you follow best practices and turn UAC to max and set yourself with a non-administrative user to do common tasks, that infection isn’t going to be able to execute without you typing in the administrator password at least once.
Microsoft systems are not inherently insecure. The user makes it so. That’s not to say that Microsoft couldn’t do better to inform users that they should run everything with a standard user account, but less than 5 minutes of searching the Internet yields dozens of sites with walkthroughs on how to do exactly that. Yes, Apple devices do that from the get go, and if you have the patience for Linux, you learn quickly that elevating with sudo is the only way to get anything done. Microsoft operating environments can be run the exact same way and are just as secure as anything Apple or Linux has out there.
And while I know I’m not going to convince you on anything, your rambling screed indicates your absolute disgust with Microsoft as an entity, I will say that I’ve been using Microsoft operating systems for over 20 years and have never once had a virus infect my system. The bulk of that 20 years went without antivirus protection as well. Your ire is misdirected at the operating system when in reality it’s the user base that’s the problem in a majority of cases.