Microsoft released security bulletin MS17-010 to patch the vulnerability exploited by the WannaCry ransomware. Additional patches for older, unsupported Windows platforms were also released. For more information about these additional patches, see http://bit.ly/2raS5BZ.
To properly patch your device, ensure that the Patches for Windows site version is 2757 or later, and apply the respective Fixlets for the following operating systems.
Windows XP, Windows Server 2003, Windows Vista, Windows 8
Apply the following Fixlets that were released for KB4012598.
MS17-010: Security update for Windows SMB Server - Windows XP SP2 - KB4012598 (x64) (ID: 1701017)
MS17-010: Security update for Windows SMB Server - Windows XP SP3 - KB4012598 (ID: 1701019)
MS17-010: Security update for Windows SMB Server - Windows Server 2003 SP2 - KB4012598 (ID: 1701015)
MS17-010: Security update for Windows SMB Server - Windows Server 2003 SP2 - KB4012598 (x64) (ID: 1701013)
MS17-010: Security Update for Microsoft Windows SMB Server - Windows Vista SP2 - KB4012598 (ID: 1701007)
MS17-010: Security Update for Microsoft Windows SMB Server - Windows Vista SP2 - KB4012598 (x64) (ID: 1701001)
MS17-010: Security Update for Windows SMB Server - Windows 8 - KB4012598 (ID: 1701009)
MS17-010: Security Update for Windows SMB Server - Windows 8 - KB4012598 (x64) (ID: 1701011)
Windows Server 2008
Apply Fixlets for KB4018466 that replaces KB4012598.
MS17-MAY: Security update for the Windows SMB Information Disclosure Vulnerability in Windows Server 2008 - Windows Server 2008 SP2 - KB4018466 (ID: 401846603)
MS17-MAY: Security update for the Windows SMB Information Disclosure Vulnerability in Windows Server 2008 - Windows Server 2008 SP2 - KB4018466 (x64) (ID: 401846601)
Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows Server 2012 R2
You can choose to apply either Security Only update or Monthly Rollup update. To learn more about the difference between the two updates, see http://bit.ly/2bmEun0.
Security Only
MS17-008, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-020, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 7 SP1 - KB4012212 (ID: 1700635)
MS17-008, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-020, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 7 SP1 - KB4012212 (x64) (ID: 1700633)
MS17-008, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-019, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows Server 2008 R2 SP1 - KB4012212 (x64) (ID: 700631)
MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 8.1 - KB4012213 (ID: 1700641)
MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows 8.1 - KB4012213 (x64) (ID: 1700639)
MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-019, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows Server 2012 - KB4012214 (x64) (ID: 1700643)
MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-019, MS17-021, MS17-022: Security Only Quality Update - Security Only - Windows Server 2012 R2 - KB4012213 (x64) (ID: 1700637)
Monthly Rollup
The following updates are the latest Monthly Rollup updates available at the time of writing:
MS17-MAY: Security Monthly Quality Rollup - Monthly Rollup - Windows 7 SP1 - KB4019264 (ID: 401926405)
MS17-MAY: Security Monthly Quality Rollup - Monthly Rollup - Windows 7 SP1 - KB4019264 (x64) (ID: 401926401)
MS17-MAY: Security Monthly Quality Rollup - Monthly Rollup - Windows Server 2008 R2 SP1 - KB4019264 (x64) (ID: 401926403)
MS17-MAY: Security Monthly Quality Rollup - Monthly Rollup - Windows 8.1 - KB4019215 (ID: 401921505)
MS17-MAY: Security Monthly Quality Rollup - Monthly Rollup - Windows 8.1 - KB4019215 (x64) (ID: 401921501)
MS17-MAY: Security Monthly Quality Rollup - Monthly Rollup - Windows Server 2012 - KB4019216 (x64) (ID: 401921601)
MS17-MAY: Security Monthly Quality Rollup - Monthly Rollup - Windows Server 2012 R2 - KB4019215 (x64) (ID: 401921503)
FAQ
Q: How do I determine if my device has been patched?
A: If your device normally receives patch from BigFix and is not relevant to the respective Fixlets listed above, your device has been patched.
Q: I suspect that my device might be missing this update. How do I verify this?
A: You can download the Microsoft Baseline Security Analyzer (MBSA) and run a scan on the target device to generate the MBSA report. If the report does not list the respective KB as missing, the device has been patched.
There is a known issue that the report might contain a bulletin number that is different from MS17-010. Use the patch’s KB number as reference to access the report.
Q: I ran a scan to check for missing updates. The MBSA report advised that my device has been patched but the Security Only patch is installable when manually executed. Is this normal?
A: This is a known issue. Even when a monthly rollup is installed, security-only patch can be manually installed. This is attributed to Microsoft’s patch relevance algorithm. BigFix has built additional logic to work around such issues. We ensure that in cases where monthly rollup is installed, security-only patch are marked as not required or not relevant.
References:
- For details about Microsoft Security Bulletin MS17-010, see http://bit.ly/2qmU20t.
- For more information about the patches that Microsoft released for older, unsupported platforms, see http://bit.ly/2raS5BZ.
- For more information about the differences between Security Only and Monthly Rollup updates, see http://bit.ly/2bmEun0.
- To download the Microsoft Baseline Security Analyzer (MBSA), see http://bit.ly/1IJ6bkg.