On May 12th 2017, reports of the WannaCry Ransomware Worm attacking business systems began to surface across the globe. The WannaCry virus exploits vulnerabilities in the Windows SMB Server to potentially take control of a system’s contents and demand a ransom from the system operators to release the system’s contents back to the owner.
The infector vector of the WannaCry attacks has been recognized as the EternalBlue exploit. All Windows systems actively supported by Microsoft (as well as Windows XP) are affected.
On March 14th, 2017, Microsoft released a Windows security update to safeguard systems from EternalBlue: Security Update for Microsoft Windows SMB Server 4013389.
3xLogic has also issued a patch in the form of a VGL update package: DisableSMBV1.vgl
Follow the steps below to install both patches and safeguard your VIGIL system(s).
As all 3xLogic VIGIL NVR/DVR/VMS systems run on various versions of Windows operating system, these systems, if not updated, are potentially at risk.
As an immediate response, 3xLogic has engineered an update package which can be applied to a system to disable SMB1. This VGL package works for both Windows 7 and Windows XP systems. It can be pushed via VIGIL Central Management (VCM) for mass deployment or by manually transferring the package and running it on the system in question. This will remove the immediate risk associated with Eternal Blue / WannaCry.
Once you have applied the VGL package, the system is no longer “at risk”. However 3xLogic highly recommends also applying the appropriate Microsoft Security Update as an added security measure. Navigate to the next section of this bulletin for more information.
After applying the .VGL package, 3xLogic also highly recommends all VIGIL system administrators check to confirm the official Windows update has been applied to their 3xLogic NVR/DVR/VMS systems. If this update has not been applied, 3xLogic requests administratiors download and apply the SMB Server security update to safeguard their system against possible infection.