So the Windows patch to prevent this has been available for 2 months, and many large organizations such as the UK’s NHS have not bothered to update their security???? I am understanding this correctly?
This seems like IT malfeasance and incompetence of an extraordinary degree. I can understand that random individual users may not keep on top of their security updates, but how can multi-billion dollar (or pound) organizations not maintain the most elementary forms of computer security????
Heads should roll....
Well, the UK NIH is on Windows XP still.
This patch is only a step in what this HACK is, and it seems to be something the CIA/FBI let remain, so they could exploit it, when they were supposed to find a cure. If not, then I have two things mixed up.
NSA was using this to spy on people. I closed my computer to any access from outside, and backed up everything. I also have TOR, to use now instead of Windows 10. Not sure how secure anything is anymore!
Reminds me of back around 2002 when the State Dept. terrorist watch list was hacked. They got into the system via a Windows exploit. This exploit was known 6 months prior ( a well known one that Microsoft sent an alert out on )and a patch was provided. I wrote my congressmen on it- only one answered ( DeMint) and he said that his office checked into it and State assured them that no data was taken. I wrote back that 1) How can they be sure no data was taken and 2)The main point wasn't that they just got into the system but that the IT staff did not update the patch that allowed them to get into the system - even though it had been available for 6 months ( which also told me that they had not updated their system for at least 6 months, so how many more vulnerabilities were there on the system ). I got no reply to the second letter.
My last Windows Update was Nov 15, 2016
Start button> Control Panel> Windows Update
I checked and there are 526.8mb more updates waiting for me.
How do we know these updates will block any of the gov’t spyware?
Maybe they open up your computer to the gov’t.
Yeah, the patch has been out there a while. But architecturally speaking, security (esp in Windows OS) has been an after thought and a bolt on. It has not been designed into the system. So maintenance via patching has always been after the fact.
Updating machines is frequently up to the user. That’s what happened to us. Boxen used by grad students that had Automatic Windows Update turned off because they don’t want to reboot the machine.
I have a machine that does not have this update....because it has been turned off for several weeks.