loader gif

WannaCry? Hundreds of US schools still haven’t patched servers

WannaCry? Hundreds of US schools still haven’t patched servers (Malware and Vulnerabilities)

There are hundreds of thousands of Internet-connected Windows systems in the United States that still appear to be vulnerable to an exploit of Microsoft Windows' Server Message Block version 1 (SMB v. 1) file sharing protocol, despite repeated public warnings to patch systems following the worldwide outbreak of the WannaCry cryptographic malware two years ago. And based on data from the Shodan search engine and other public sources, hundreds of them—if not thousands—are servers in use at US public school systems. While conducting research as a follow-up to our coverage of Baltimore City’s ongoing ransomware attack, Ars discovered that neighboring Baltimore County’s public school system had eight publicly accessible servers that still were running in configurations that indicated they were vulnerable to EternalBlue, the Equation Group exploit exposed by Shadow Brokers in April 2017 and then used as part of the WannaCry malware a month later.

loader gif