<html><body><p><font size="2" face="Arial">Microsoft has released MS17-010 in March to address the vulnerabilities (CVE-2017-0144 and CVE-2017-0145) that the Petya ransomware exploits to spread across networks. Consequently, BigFix has previously released the corresponding the Fixlets.</font><p><font size="2" face="Arial">We encourage following Microsoft’s recommendations. If you have not done so, apply MS17-010 to patch the vulnerability. Otherwise apply KB2696547 to disable Microsoft Server Message Block 1.0 (SMBv1).</font><p><font size="2" face="Arial">Note that some Fixlets related to the WannaCry vulnerability had their supersedence reversed and might show as relevant. If you have applied these Fixlets before, you do not have to apply them again.</font><p><font size="2" face="Arial">To properly patch your device, apply the respective Fixlets for the following operating systems.</font><p><p><font size="2" face="Arial">I. Security Bulletin MS17-010</font><font size="2" face="Arial"><br></font><p><font size="2" face="Arial">KB4012212 - Windows Server 2008 R2 SP1, Windows 7 SP1</font><p><font size="2" face="Arial"> MS17-008, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-019, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows Server 2008 R2 SP1 - KB4012212 (x64) (ID: 1700631)<br> MS17-008, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-020, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 7 SP1 - KB4012212 (x64) (ID: 1700633)<br> MS17-008, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-020, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 7 SP1 - KB4012212 (ID: 1700635)</font><p><p><font size="2" face="Arial">KB4012213 - Windows Server 2012 R2, Windows 8.1</font><font size="2" face="Arial"><br> MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-019, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows Server 2012 R2 - KB4012213 (x64) (ID: 1700637)<br> MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 8.1 - KB4012213 (x64) (ID: 1700639)<br> MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 8.1 - KB4012213 (ID: 1700641)</font><p><font size="2" face="Arial"><br></font><p><font size="2" face="Arial">KB4012214 - Windows Server 2012</font><font size="2" face="Arial"><br> MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-019, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows Server 2012 - KB4012214 (x64) (ID: 1700643)</font><p><font size="2" face="Arial"><br></font><p><font size="2" face="Arial">KB4012598 - Windows Vista SP2, Windows Server 2008 SP2, Windows 8, Windows Server 2003 SP2</font><font size="2" face="Arial"><br> MS17-010: Security Update for Microsoft Windows SMB Server - Windows Vista SP2 - KB4012598 (x64) (ID: 1701001)<br> MS17-010: Security Update for Microsoft Windows SMB Server - Windows Server 2008 SP2 - KB4012598 (x64) (ID: 1701003)<br> MS17-010: Security Update for Microsoft Windows SMB Server - Windows Server 2008 SP2 - KB4012598 (ID: 1701005)<br> MS17-010: Security Update for Microsoft Windows SMB Server - Windows Vista SP2 - KB4012598 (ID: 1701007)<br> MS17-010: Security Update for Windows SMB Server - Windows 8 - KB4012598 (ID: 1701009)<br> MS17-010: Security Update for Windows SMB Server - Windows 8 - KB4012598 (x64) (ID: 1701011)<br> MS17-010: Security update for Windows SMB Server - Windows Server 2003 SP2 - KB4012598 (x64) (ID: 1701013)<br> MS17-010: Security update for Windows SMB Server - Windows Server 2003 SP2 - KB4012598 (ID: 1701015)<br> MS17-010: Security update for Windows SMB Server - Windows XP SP2 - KB4012598 (x64) (ID: 1701017)<br> MS17-010: Security update for Windows SMB Server - Windows XP SP3 - KB4012598 (ID: 1701019)</font><p><font size="2" face="Arial"><br></font><p><font size="2" face="Arial">KB4012606 - Windows 10</font><font size="2" face="Arial"><br> MS17-006, MS17-007, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Cumulative Security Update for Windows 10 - Windows 10 - KB4012606 (ID: 401260601)<br> MS17-006, MS17-007, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Cumulative Security Update for Windows 10 - Windows 10 - KB4012606 (x64) (ID: 401260603)</font><p><font size="2" face="Arial"><br></font><p><font size="2" face="Arial">KB4013198 – Windows 10</font><font size="2" face="Arial"><br> MS17-006, MS17-007, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Cumulative Security Update for Windows 10 - Windows 10 Version 1511 - KB4013198 (x64) (ID: 401319801)<br> MS17-006, MS17-007, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Cumulative Security Update for Windows 10 - Windows 10 Version 1511 - KB4013198 (ID: 401319803)<br> MS17-006, MS17-007, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Cumulative Security Update for Windows 10 - Windows 10 Version 1607 - KB4013429 (ID: 401342907)</font><p><p><font size="2" face="Arial">KB4013429 - Windows Server 2016, Windows 10</font><font size="2" face="Arial"><br> MS17-006, MS17-007, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Cumulative Security Update for Windows Server 2016 - Windows Server 2016 - KB4013429 (x64) (ID: 401342909)<br> MS17-006, MS17-007, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Cumulative Security Update for Windows 10 - Windows 10 Version 1607 - KB4013429 (x64) (ID: 401342911)</font><p><font size="2" face="Arial"><br></font><p><p><font size="2" face="Arial">II. KB2696547 - Windows 7, Windows 8, Windows 8.1, Windows 10, Windows Vista, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016</font><p><font size="2" face="Arial"> 2696547: Disable SMBv1 in Windows and Windows Server - Disable Workaround (Disable SMB v1) - Windows 7 / Windows 8 / Windows Vista / Windows Server 2008 / Windows Server 2008 R2 / Windows Server 2012 - KB2696547 (ID: 269654703)<br> 2696547: Disable SMBv1 in Windows and Windows Server - Disable Workaround (Remove SMB v1 completely) - Windows 8.1 / Windows 10 / Windows Server 2012 R2 / Windows Server 2016 - KB2696547 (ID: 269654707)<br> 2696547: Disable SMBv1 in Windows and Windows Server - Enable Workaround (Disable SMB v1) - Windows 7 / Windows 8 / Windows Vista / Windows Server 2008 / Windows Server 2008 R2 / Windows Server 2012 - KB2696547 (ID: 269654701)<br> 2696547: Disable SMBv1 in Windows and Windows Server - Enable Workaround (Remove SMB v1 completely) - Windows 8.1 / Windows 10 / Windows Server 2012 R2 / Windows Server 2016 - KB2696547 (ID: 269654705)</font><p><p><font size="2" face="Arial">FAQ</font><font size="2" face="Arial"><br>Q: How do I determine if my device has been patched?</font><font size="2" face="Arial"><br>A: If your device normally receives patch from BigFix and is not relevant to the respective Fixlets listed above, your device has been patched.</font><p><font size="2" face="Arial">Q: I suspect that my device might be missing this update. How do I verify this?</font><font size="2" face="Arial"><br>A: You can download the Microsoft Baseline Security Analyzer (MBSA) and run a scan on the target device to generate the MBSA report. If the report does not list the respective KB as missing, the device has been patched.<br>There is a known issue that the report might contain a bulletin number that is different from MS17-010. Use the patch's KB number as reference to assess the report.</font><p><font size="2" face="Arial">Q: I ran a scan to check for missing updates. The MBSA report advised that my device has been patched but the Security Only patch is installable when manually executed. Is this normal?</font><font size="2" face="Arial"><br>A: This is a known issue. Even when a monthly rollup is installed, security-only patch can be manually installed. This is attributed to Microsoft's patch relevance algorithm. BigFix has built additional logic to work around such issues. We ensure that in cases where monthly rollup is installed, security-only patch are marked as not required or not relevant.</font><br>
<p><font size="2" face="Arial">References:</font><ul><font size="2" face="Arial">For Microsoft’s update post on the Petya malware attack, see </font><a href="http://bit.ly/2u0HThN"><u><font size="2" color="#0000FF" face="Arial">http://bit.ly/2u0HThN</font></u></a><font size="2" face="Arial">.</font><br><font size="2" face="Arial">For Microsoft’s wiki entry of the Petya malware, see </font><a href="http://bit.ly/2u1jwAq"><u><font size="2" color="#0000FF" face="Arial">http://bit.ly/2u1jwAq</font></u></a><font size="2" face="Arial">.</font><br><font size="2" face="Arial">For details about Microsoft Security Bulletin MS17-010, see </font><a href="http://bit.ly/2qmU20t"><u><font size="2" color="#0000FF" face="Arial">http://bit.ly/2qmU20t</font></u></a><font size="2" face="Arial">.</font><br><font size="2" face="Arial">For the post on using BigFix Patch to protect devices from the WannaCry ransomware, see </font><a href="https://ibm.co/2s4Jem8"><u><font size="2" color="#0000FF" face="Arial">https://ibm.co/2s4Jem8</font></u></a><font size="2" face="Arial">.</font><br><font size="2" face="Arial">For more information about the patches that Microsoft released for older, unsupported platforms, see </font><a href="http://bit.ly/2raS5BZ"><u><font size="2" color="#0000FF" face="Arial">http://bit.ly/2raS5BZ</font></u></a><font size="2" face="Arial">.</font><br><font size="2" face="Arial">For more information about the differences between Security Only and Monthly Rollup updates, see </font><a href="http://bit.ly/2bmEun0"><u><font size="2" color="#0000FF" face="Arial">http://bit.ly/2bmEun0</font></u></a><font size="2" face="Arial">.</font><br><font size="2" face="Arial">To download the Microsoft Baseline Security Analyzer (MBSA), see </font><a href="http://bit.ly/1IJ6bkg"><u><font size="2" color="#0000FF" face="Arial">http://bit.ly/1IJ6bkg</font></u></a><font size="2" face="Arial">.</font></ul><br><BR>
</body></html>