When the Petya malware arrived in Europe this week, it seemed at least at first like a repeat the WannaCry cyber-attacks in May.
The victims were running Microsoft Windows computers that had not been patched to close a vulnerability in the SMBv1 protocol.
Microsoft issued the patch in mid-March, and since that time the company has released security updates for Windows versions stretching back to XP. Yet those computers remained vulnerable.
When the Petya malware emerged this week companies in Europe were the hardest hit, although some U.S. companies were affected as well. If there is any good news, it’s that the rate of infection seems slower than last time and the malware doesn’t seem to be as efficient at attacking across networks as WannaCry was.
In addition, the lower rate of infection may be the result of organizations actually applying Microsoft’s patches on a timely basis.
But the obvious question has to be, why aren’t some companies bothering to fix their Windows operating systems, even in the face of an obvious threat? The excuses are many. Some IT managers worry that a patch may somehow break something in their IT environment.
Others don’t have the resources to do their jobs. Some organizations don’t have an actual IT staff, while in others work with shadow IT environments in which nobody really knows what computers are systems they are running and which need maintenance.
Originally published on eWeek
Page: 1 2
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…