<https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/> https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wa...
Look near the bottom under Further Resources.
Those are the links appear to be patches for older versions of Windows. The link that Josh sent initially is probably the most straight forward for currently supported versions. https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Scroll down below “Affected Software and Vulnerability Severity Ratings” and click on the link in the left column it will being you to the MS Update Catalog download page for the patch in question. Keep in mind that since MS started doing monthly patch rollups instead of individual patches, they are listing a “rollup” KB# and “security only” KB# for each version of Windows. For example, look at Windows 2012/2012R2 above – there are four different KB#s depending on the OS version and update method being used. KB4012217 : “monthly rollup” version for 2012 (gets delivered via windows update - contains this patch and several others) KB4012214 : “security only” version for 2012 for this one patch KB4012216 : 2012R2 version of the rollup KB4012213 : 2012R2 version of the security only patch -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Keith Stokes Sent: Monday, May 15, 2017 11:49 AM To: Keith Medcalf <kmedcalf@dessus.com> Cc: nanog@nanog.org Subject: Re: Please run windows update now <https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/> https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wa... Look near the bottom under Further Resources. On May 15, 2017, at 10:44 AM, Keith Medcalf < <mailto:kmedcalf@dessus.com%3cmailto:kmedcalf@dessus.com> kmedcalf@dessus.com<mailto:kmedcalf@dessus.com>> wrote: I do not see any links to actually download the actual patches. Just a bunch of text drivel. -- ˙uʍop-ǝpısdn sı ɹoʇıuoɯ ɹnoʎ 'sıɥʇ pɐǝɹ uɐɔ noʎ ɟı -----Original Message----- From: NANOG [ <mailto:nanog-bounces@nanog.org> mailto:nanog-bounces@nanog.org] On Behalf Of <mailto:timrutherford@c4.net%3cmailto:timrutherford@c4.net> timrutherford@c4.net<mailto:timrutherford@c4.net> Sent: Monday, 15 May, 2017 09:23 To: 'Josh Luthman'; 'Nathan Fink' Cc: <mailto:nanog@nanog.org> nanog@nanog.org Subject: RE: Please run windows update now I should clarify, the link in my email below is only for windows versions that are considered unsupported. This one has links for the currently supported versions of windows <https://support.microsoft.com/en-us/help/4013389/title> https://support.microsoft.com/en-us/help/4013389/title -----Original Message----- From: <mailto:timrutherford@c4.net> timrutherford@c4.net [ <mailto:timrutherford@c4.net> mailto:timrutherford@c4.net] Sent: Monday, May 15, 2017 11:12 AM To: 'Josh Luthman' < <mailto:josh@imaginenetworksllc.com> josh@imaginenetworksllc.com>; 'Nathan Fink' < <mailto:nefink@gmail.com> nefink@gmail.com> Cc: 'nanog@nanog.org' < <mailto:nanog@nanog.org> nanog@nanog.org> Subject: RE: Please run windows update now They even released updates for XP & 2003 <http://www.catalog.update.microsoft.com/search.aspx?q=4012598> http://www.catalog.update.microsoft.com/search.aspx?q=4012598 -----Original Message----- From: NANOG [ <mailto:nanog-bounces@nanog.org> mailto:nanog-bounces@nanog.org] On Behalf Of Josh Luthman Sent: Monday, May 15, 2017 10:45 AM To: Nathan Fink < <mailto:nefink@gmail.com> nefink@gmail.com> Cc: <mailto:nanog@nanog.org> nanog@nanog.org Subject: Re: Please run windows update now Link? I only posted it as reference to the vulnerability. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Sat, May 13, 2017 at 2:07 AM, Nathan Fink < <mailto:nefink@gmail.com> nefink@gmail.com> wrote: I show MS17-010 as already superseded in SCCM On Fri, May 12, 2017 at 1:44 PM, Josh Luthman <josh@imaginenetworksllc.com wrote: MS17-010 <https://technet.microsoft.com/en-us/library/security/ms17-010.aspx> https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, May 12, 2017 at 2:35 PM, JoeSox < <mailto:joesox@gmail.com> joesox@gmail.com> wrote: Thanks for the headsup but I would expect to see some references to the patches that need to be installed to block the vulnerability (Sorry for sounding like a jerk). We all know to update systems ASAP. -- Later, Joe On Fri, May 12, 2017 at 10:35 AM, Ca By < <mailto:cb.list6@gmail.com> cb.list6@gmail.com> wrote: This looks like a major worm that is going global Please run windows update as soon as possible and spread the word It may be worth also closing down ports 445 / 139 / 3389 <http://www.npr.org/sections/thetwo-way/2017/05/12/> http://www.npr.org/sections/thetwo-way/2017/05/12/ 528119808/large-cyber-attack-hits-englands-nhs-hospital- system-ransoms-demanded --- Keith Stokes