How to protect yourself from WannaCry ransomware. Update Windows immediately. The full download page for all Windows versions is available here. Download Security Update for Windows 8 for x64-based Systems (KB4012598) from Official Microsoft Download Center. New Surface Pro 6. Stand out from the ordinary. To find the latest security updates for you, visit Windows Update and click Express Install. Patches That Fix the Vulnerability For MS17-010. March, 2017 Security Only Quality Update for Windows 7 for x64-based Systems (KB4012212) Windows 7.

Microsoft just released a patch for Windows XP that fixes a file sharing flaw being exploited by the WannaCry ransomware. Here's how to install it.

You can download some versions of the patch using links at the bottom of this May 12th Microsoft article: Customer Guidance for WannaCrypt attacks. The full list of patch variants, including languages other than English, is in the Windows Catalog, just search for KB4012598.

For an x86 machine with Service Pack 3 installed, the downloaded file name is

windowsxp-kb4012598-x86-custom-enu_eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe

I know, its looks like malware itself. The file is small, only 665K. Logon as an Administrator and, for good luck, make a Restore Point first thing.

To see if System Restore is enabled, right click on My Computer, get the Properties and go to the System Restore tab. To actually make the Restore Point, go to Start -> Programs -> Accessories -> System Tools -> System Restore.

The installation process is simple.

1. Wizard warns you to backup your system and close all open programs
2. Then you have to agree to a license
3. Installing the patch takes only a few seconds, even on old hardware. It first asks you to wait while it 'inspects your current configuration, archives your current files and updates your files.' Then it makes a restore point.
4. When its all done, it wants you to reboot

After rebooting, you can verify that the patch was correctly installed using Add or Remove Programs in the Control Panel. You first need to turn on the checkbox to 'Show updates.' Then scroll down looking for the 'Windows XP - Software updates' section. It should be huge.

In this section, look for 'Security Update for Windows XP (KB4012598)' with the current date as the date installed (see above). Considering this is Windows XP, the installation date should stick out like a sore thumb. On two machines that I tested, it was, fortunately, the last entry in the list.

The fix applies to the file sharing component of Windows (Server Message Block or SMB) and thus prevents an XP machine from being infected over a LAN (Local Area Network). However, it would not protect an XP machine that was attacked another way, via email, for example.

I checked around (here and here) and Microsoft has not issued an update to their free anti-malware software, Security Essentials, for Windows XP. When XP went off support, it was denied access to Security Essentials. Thus, XP machines remain vulnerable to WannaCry, just not via file sharing on a LAN.

To fully protect an XP machine requires a third party antivirus product. Lotsa luck with that.

BitDefender bragged today that they can protect against WannaCry, but they do not support Windows XP (see below for update). Neither does Avira, Trend Micro or F-Secure. Kaspersky still supports XP, but their website says nothing about WannaCry.

So, yes, Microsoft released a patch for Windows XP. But now you know the rest of the story.

UPDATE: May 15, 2017. A reader was nice enough to point out that Bitdefender does offer a product that supports Windows XP (and Vista too). The name is fairly direct: Security for XP and Vista.

UPDATE: May 15, 2017. A couple people have told me that when they verified the installation of the patch, the install date was not the current date but tomorrows date. Beats me why.

FEEDBACK

Get in touch with me privately by email at my full name at Gmail. Public comments can be directed to me on twitter at @defensivecomput

Friday's ransomware outbreak is ongoing, and while researchers work to stem the tide of infection, businesses, governments, and individuals can help the cause by making sure they have protected themselves.

The attack is due to a kind of ransomware called Wanna Decryptor, also known as WannaCrypt, WanaCrypt0r, and WannaCry. The malware not only infects targets through traditional means -- such as phishing campaigns, malicious emails, and dodgy attachments -- but once a system has been infected, the malicious code scans for additional targets through networks and jumps to fresh victims.

When a system has been infected with WannaCrypt, the malware encrypts everything it can -- including the PC's hard drive and any connected devices, such as USB sticks and external storage devices.

The ransomware then locks users out of the system, throws up a landing page, and demands a $300 ransom payment in the virtual currency Bitcoin in return for files to be unlocked. This amount then doubles within a few days if payment is not forthcoming. Users are also threatened with the mass deletion of files within a week if they resist paying.

Read also: Remove ransomware infections from your PC using these free tools

If you've already been unfortunate enough to become infected with the ransomware, do not give in and pay up. The threat actors behind WannaCrypt have already made roughly $43,000 from the campaign, but there is no guarantee that you will gain your files back if you do.

Instead, unless -- or until -- a decryption key is released by security experts, the best option is to hold tight or restore your system from a backup. Alternatively, businesses can reach out to security professionals to see if infections can be eradicated without damaging their systems.

In order to be protected against this threat, it is necessary to understand that the attack only impacts those running on older Windows operating systems.

A security fix was released in March. It resolved the problem for Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, and Windows Server 2016, which are still supported.

If you are running these versions and have not downloaded Microsoft Security Bulletin MS17-010, you should do so now manually, or allow Windows Update to do the work for you.

Microsoft Wanna Cry Patch Download

If Windows Update has been enabled, then automatic updates will be applied. If not, you should re-enable the system and do not disable it again so you receive security fixes as soon as they are available for future threats.

Users of Windows 10 are not affected by the ransomware.

In response to the threat, Microsoft has also released an emergency patch for legacy Windows operating systems, which (as out of cycle products) are no longer supported -- unless special support contracts are in place.

Simple attacks plus user willingness to pay ransoms to get their files back means ransomware is on the rise, warn Kaspersky researchers.

Security updates can be download and deployed manually for Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, and Windows 8 x64 directly from Microsoft.

Grab the necessary security updates here.

Microsoft has also added a signature to the Windows Defender antivirus to detect the ransomware.

If it is not possible to patch, as noted by security expert Troy Hunt, you should disable Windows' Server Messenger Block (SMBv1) to prevent WannaCrypt exploit.

Failing this, another alternative is to lock-down machines and prevent them accessing the internet, or at least make sure network settings are as restricted as possible.

Windows 7 Wanna Cry Patch Download Pc

What the malware cannot reach, it cannot infect.

This should be a wake-up call for anyone and any business that still relies on antiquated operating systems that haven't been sold in decades. Threats that can cripped a business or destroy irreplaceable, personal content are real -- and security updates, however annoying, are important.

We are yet to see the full extent of how much damage WannaCrypt has caused, and new variants have already been spotted, so if there's any time to update systems and get them to modern OS standards, which are given regular security updates, it is now.

Read also:New WannaCrypt ransomware variant discovered in the wild | Ransomware attack: Hospitals still struggling in aftermath of WannaCrypt's rampage | Ransomware attack: The second wave is coming, so get ready now | WannaCrypt ransomware: Microsoft issues emergency patch for Windows XP | Ransomware: An executive guide to one of the biggest menaces on the web | Why patching Windows XP forever won't stop the next WannaCrypt (TechRepublic)