So, CVE-2017-0144 (https://nvd.nist.gov/vuln/detail/CVE-2017-0144), a vulnerability that was identified about two months ago (published Mar 16 2017), is now being widely exploited in the wild, most visibly impacting hospitals in the UK’s National Health Service to the point that they’ve had to redirect incoming patients to other facilities.
This vulnerability is addressed by Microsoft Bulletin MS17-010, which is also included in the OS-specific Security Bulletin roll-ups SB17-002, SB17-003 and SB17-004. MS17-010 applies to Server 2003 and Server 2008, while SB17-002 applies to Server 2008 R2, SB17-003 applies to Server 2012 R2 and SB17-004 applies to Server 2012 (thanks to Joe Schuler).
Part of what makes the vulnerability so serious is that it doesn’t require direct action by the user. Simply having the vulnerability and being on the same network as an infected host can expose your system to the ransomware.
So, how do we address this using SecOps Response?
I imported my latest scan info, then went over to the Operator Dashboard. Filtering by “CVE-2017-0144” shows me exactly which systems this vulnerability has been detected on, and that the oldest detection is 22 days old (and now in violation of SLA, being a critical vulnerability).
I scroll down and see all the systems that I can remediate.
Select some notifications, then hit execute now.
Isn’t that easy?
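The same triage can be reproduced outside the dashboard. The following is an added example, not code from SecOps Response or from the original post: it filters a scanner export by CVE, computes detection age against an SLA, and maps each host to the bulletin listed above. The CSV column names, host names, sample rows and the 14-day SLA threshold are assumptions.

```python
import csv
import io
from datetime import date

# Bulletin per OS, as listed in the post above.
BULLETIN_BY_OS = {
    "Server 2003": "MS17-010",
    "Server 2008": "MS17-010",
    "Server 2008 R2": "SB17-002",
    "Server 2012 R2": "SB17-003",
    "Server 2012": "SB17-004",
}

SLA_DAYS = 14  # assumed SLA for critical findings; the post does not state the threshold

# Constructed sample export; column names and hosts are hypothetical.
SAMPLE_SCAN = """host,os,cve,first_detected
hr-fs01,Server 2008 R2,CVE-2017-0144,2017-04-21
web-02,Server 2012 R2,CVE-2017-0144,2017-05-09
db-01,Server 2012,CVE-2017-0143,2017-05-01
legacy-ap,Server 2003,CVE-2017-0144,2017-05-02
kiosk-7,Windows 7,CVE-2017-0144,2017-05-12
"""

def triage(scan_csv, cve, today, sla_days=SLA_DAYS):
    """Return findings for `cve`, oldest first, with age, SLA status and bulletin."""
    findings = []
    for row in csv.DictReader(io.StringIO(scan_csv)):
        if row["cve"].strip().upper() != cve.upper():
            continue
        age = (today - date.fromisoformat(row["first_detected"])).days
        findings.append({
            "host": row["host"],
            "age_days": age,
            "sla_violation": age > sla_days,
            # Operating systems the post does not list are flagged for manual lookup.
            "bulletin": BULLETIN_BY_OS.get(row["os"].strip(), "UNMAPPED"),
        })
    return sorted(findings, key=lambda f: f["age_days"], reverse=True)

if __name__ == "__main__":
    for f in triage(SAMPLE_SCAN, "CVE-2017-0144", date(2017, 5, 13)):
        flag = "SLA VIOLATION" if f["sla_violation"] else "within SLA"
        print(f"{f['host']:<10} {f['age_days']:>3}d  {flag:<13}  {f['bulletin']}")
```

Hosts whose operating system is not in the post's bulletin list come back as `UNMAPPED` rather than being dropped, so they still show up in the remediation queue.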
This post originally appeared on BMC Communities: https://communities.bmc.com/community/bmcdn/secops-response-service/blog/2017/05/13/wannacry-cve-2017-0144-ms17-010-on-secops-response