All,
I suspect most of us have seen the news about the new ransomware WannaCry that is spreading globally.
It exploits an SMB vulnerability patched in March 2017.
Search the net on “wannacry ransomware” for additional info.
Do check to make sure your systems are patched with MS17-010.
Since Microsoft is now going to provide patches for previously unsupported OS’s (XP, 2003, 8) are there plans to make these installers available through BigFix?
reference: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
I was just coming here to ask the same…
Same; here is a link to the update catalog entry for the relevant patches:
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
Since these are already available we’ve already taken steps to manually deploy where necessary, but fixlets from IBM would be highly appreciated.
Note that the Server 2008 (non-R2) KBs have been superseded by KB4018466:
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4018466
For sure, I have implored the engineering team to produce the Fixlets as soon as possible.
Excellent, much appreciated!
The Fixlets have just been released on Patches for Windows, version 2755.
Thanks for the quick turnaround, y’all, very much appreciated.
Note: Windows Patch Content Dev just released fixlets for XP and 2003 (out of support security update)
Please Thank them for their prompt efforts!
The kill switch has been unintentionally found:
Relax is still not the work I would use, I would still strongly recommend patching, even tho the kill switch was found for this campaign does not mean that similar attacks with modified content will not pop up quickly.
Thanks again to the team for getting this content out quickly.
Has anybody had issues with the WindowsXP fixlet? It seems to install the patch but it returns a fail 100% of the time relevance wise. Our R&D folks still have these for testing but until they are forced to rid of them we have to deal with them 
KB4012598
I went to numerous machines and found that the patch was install.
The reason the fixlet was failing is because it was checking for the wrong version of the srv.sys file… the version in the package is 5.1.2600.7208, but it looks like they inadvertently tested for the XP 64-bit or Server 2003 version (5.2.3790.6021). It looks like the fixlet has been updated with the correct version check.
Thanks, that’s correct. Updated content is available in Patches for Windows, version 2756. We are sorry for the inconvenience caused.
Thank you, we are rocking now!! 
More information on the attack itself at X-Force Exchange
Since MS has the patches in Rollups, what the best way to determine if just this single patch is installed?
Looks like it was separated out in one of the links above.
Alexa,
We are using this to look for the original KB’s for MS17-010 AND all the KB’s that superseded them.
not exists keys whose (name of it contains "KB4012216" or name of it contains "KB4013429" or name of it contains "KB4012598" or name of it contains "KB4012606" or name of it contains "KB4012214" or name of it contains "KB4012217" or name of it contains "KB4012213" or name of it contains "KB4012212" or name of it contains "KB4012215" or name of it contains "KB4015217" or name of it contains "KB4019472" or name of it contains "KB4015221" or name of it contains "KB4019474" or name of it contains "KB4015551" or name of it contains "KB4019216" or name of it contains "KB4015549" or name of it contains "KB4019264" or name of it contains "KB4018466" or name of it contains "KB4015550" or name of it contains "KB4019215") of keys ("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\";"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages";"HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Hotfix") of (x32 registries;x64 registries)
This should return any system that is not patched