The recent massive WannaCry ransomware attack highlighted the importance of patch management for organizations and Internet users alike.
Another tech giant, Cisco, announced that it is investigating the potential impact of the WannaCry malware on its products, especially on solutions that can’t be patched to fix the flaw exploited by the malware.
It is an important initiative by the company, which intends to protect its customers by assessing its own products.
The Cisco Product Security Incident Response Team (PSIRT) announced the investigation on Monday.
“The Cisco PSIRT Team is continuing to investigate the impact of this vulnerability on Cisco products that have not reached end of software maintenance support and that do not support automated or manual updates of the Microsoft patch for these vulnerabilities. Investigation is expected to be completed by Friday, May 19th.” states the announcement. “Currently no products have been found to prevent the automatic or manual installation of the MS17-010 patches or not function properly with the MS17-010 patches applied.”
According to Cisco’s announcement, its experts will investigate the impact of the MS17-010 bug on products that support neither manual nor automated updates.
The company aims to discover products that can’t be fixed.
“Currently no additional guidance other than to apply the Microsoft patches or disable SMBv1 is applicable.” continues the advisory.
Cisco published Snort rules (42329-42332, 42340, 41978) and a Cisco IPS (Intrusion Prevention System) signature pack to mitigate the threat and block WannaCrypt traffic.
Let’s hope that other IT vendors shipping products that run Windows will also start assessing their products.
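For defenders who rely on those Snort rules, the following added example (not Cisco's code and not part of the original article) checks whether each SID listed above is present and active in a rules file. The rule bodies in `SAMPLE_RULES` are constructed placeholders, the function names are hypothetical, and the script assumes disabled rules are commented out with a leading `#`.

```python
import re

# SIDs exactly as listed in the advisory text above.
ADVISORY_SIDS = "42329-42332, 42340, 41978"

# Constructed sample ruleset: rule bodies are placeholders, not the real rules.
SAMPLE_RULES = """\
alert tcp any any -> any 445 (msg:"placeholder"; sid:42329; rev:1;)
alert tcp any any -> any 445 (msg:"placeholder"; sid:42330; rev:1;)
# alert tcp any any -> any 445 (msg:"placeholder"; sid:42331; rev:1;)
alert tcp any any -> any 445 (msg:"placeholder"; sid:42340; rev:1;)
drop tcp any any -> any 445 (msg:"placeholder"; sid:41978; rev:1;)
alert tcp any any -> any 80 (msg:"unrelated"; sid:1000001; rev:1;)
"""

# A rule line starts with an action; a leading '#' means it is commented out.
RULE_RE = re.compile(
    r"^\s*(?P<off>#\s*)?(?:alert|drop|block|reject|sdrop|log|pass)\b"
    r".*?\bsid\s*:\s*(?P<sid>\d+)\s*;")

def expand_sids(spec):
    """Turn '42329-42332, 42340' into a set of integer SIDs."""
    sids = set()
    for part in (p.strip() for p in spec.split(",")):
        if "-" in part:
            lo, hi = (int(x) for x in part.split("-", 1))
            sids.update(range(lo, hi + 1))
        elif part:
            sids.add(int(part))
    return sids

def audit_rules(rule_text, wanted):
    """Map each wanted SID to 'enabled', 'disabled' or 'missing'."""
    status = {sid: "missing" for sid in wanted}
    for line in rule_text.splitlines():
        m = RULE_RE.match(line)
        if not m or int(m.group("sid")) not in status:
            continue
        sid = int(m.group("sid"))
        if not m.group("off"):
            status[sid] = "enabled"      # an active copy always wins
        elif status[sid] == "missing":
            status[sid] = "disabled"     # only a commented-out copy seen so far
    return status

def coverage_gaps(rule_text, spec=ADVISORY_SIDS):
    """Return sorted (sid, state) pairs for advisory SIDs that are not active."""
    status = audit_rules(rule_text, expand_sids(spec))
    return sorted((s, st) for s, st in status.items() if st != "enabled")
```

Calling `coverage_gaps()` on the text of a deployed rules file returns the advisory SIDs that are commented out or absent; an empty list means all six are active.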
(Security Affairs – WannaCry ransomware, CISCO)