Home / / WannaCry could hit Windows 10

WannaCry could hit Windows 10

WannaCry damaged mostly machines running Windows 7, however this variant could affect Windows 10 devices

WannaCry could hit Windows 10
RiskSense found that EternalBlue, a remote kernel exploit used in WannaCry, could bypass detection rules recommended by governments and antivirus vendors.

Security researchers have discovered that a variant of the infamous WannaCry ransomware attacks could be used to infect unpatched Windows 10 machines.

RiskSense found that EternalBlue, a remote kernel exploit used in WannaCry, could bypass detection rules recommended by governments and antivirus vendors.

This version of EternalBlue, an exploit initially released by Shadow Brokers earlier this year, does not use the DoublePulsar payload common among other exploits leaked by the hacker group. DoublePulsar was the main implant used in WannaCry and a key focus for defenders.

"That backdoor is unnecessary," said RiskSense  senior security researcher, Sean Dillon. "This exploit could directly load malware onto the system without needing to install the backdoor."

EternalBlue gives instant un-credentialed remote access to Windows machines without the MS17-010 patch update. While it's difficult to port EternalBlue to additional versions of Windows, it's not impossible. Unpatched Windows 10 machines are at risk, despite the fact that Microsoft's newest OS receives exploit mitigations that earlier versions don't.

Dillon added: "These can infect a network and you won't know about it until years later. It's a threat to organisations that have been targets, like governments and corporations. Attackers may try to get onto these networks and lay dormant ... then steal intellectual property or cause other damage."

He highlights that businesses should update to Windows 10 but put in place the necessary firewalls, setting up VPN access for users who need internal access and an in-depth inventory that can identify software and devices n networks, as well as knowing when patches are released.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.