More Than Just Your Local Computer Store

WannaCry (MS17-010) & MS17-013 Vulnerability Check Tool

NEW! This application now supports detecting the MS17-013 GDI Vulnerability and allows you to download the patches to fix it! This is a critical security hole that must be patched! Microsoft has released the updates to patch it from Windows XP to Windows 10! Use this tool to check and/or to patch your system!

June 27, 2017 - Petya Ransomware Variant

Today a multi-pronged attack that started as a phishing campaign targeting the infrastructure in Ukraine has become yet another a global ransomware attack, infecting companies from the Ukraine, to the United Kingdom to Germany to the United States.

The "payload" of this attack is twofold, it's an updated version of the Petya ransomware that is well known for it's viciousness where it doesn't encrypt individual files, but the master boot record on your computer. In layman's terms, it locks you out of you hard drive, ie: all your files simultaneously. There are reports that this payload also includes a variant of the Loki Bot Trojan horse. This Trojan extracts username and passwords from infected computers. The result of this multi-pronged attack is that it leaves the user not only with an inoperable computer, but steals valuable information that the attacker can use to take advantage of during the confusion of being infected by this virus.

Intelligence indicates that this ransomware attack is being spread using the EternalBlue exploit, like WannaCry, and would explain why it is spreading so quickly

At the time of this writing, notable infected companies include US-Based pharmaceutical company Merck and the law firm DLA Piper, Ukrenergo, the state power distributor in Ukraine, WPP, Saint Gobain, Maersk, Rosneft and several banks throughout the Ukraine.

Because intelligence suggests that this is being spread using the EternalBlue exploit, our Vulnerability Checker will tell you whether you're protected or not.

June 15, 2017 - MS17-013

Citing an "elevated risk for destructive cyberattacks" by government organizations (or copycats), Microsoft released a number of critical security updates in addition to their regular schedule of updates on Tuesday. These updates are designed to provide further protection against potential attacks with characteristics similar to WannaCrypt.

Microsoft is claiming these vulnerabilities are at a "heightened risk of exploitation due to past nation-state activity and disclosures." Some of the patches released on Tuesday were new, while some were patched in previous updates. Customers with automatic updates enabaled are protected, however if you have disabled or deferred your Windows Updates, you should update immediately. If you're not sure, keep reading to find out if you're vulnerable or not.

The specific vulnerabilties Microsoft is talking about allows for "remote code execution" if a user (YOU) either visits a specially crafted website or opens a specially crafted document or email. This means you can get infected by simply doing what you do every day!

Because of this, for the second time, Microsoft has taken the extraordinary and unprecedented move of releasing these patches for their unsupported operating systems (Windows XP, Vista, 8, etc). If you're running an unsupported version of Windows, make sure you download these patches immediately, as they are not available through the regular "Windows Updates" catalogue. We have updated our previous WannaCry Vulnerability Check Tool to include the ability to check for this new set of Vulnerabilities released by Microsoft, and to help you download the patch if you need it.

May 16, 2017 - MS17-010: WannaCry

If you've been watching the news recently you know that a massive "Ransomware" virus has been infecting Windows computers around the globe, it has been dubbed “WannaCry”. There was a security patch released by Microsoft in March of 2017 to the general public through Windows Updates that patched the security hole in Windows computers that this virus used to gain access. Unfortunately, most people don't keep up to date with Windows Updates. Let's Get Digital has written a utility that you can use to check whether you're vulnerable to this type of virus attack and also provides you with the ability to download the patch directly from Microsoft should you need to.

Without this utility, users were left trying to figure out whether or not they were protected using a convoluted and frustrating user interface or set of commands, especially for those that aren't in the technical field. On top of that, users were left trying to figure out which update number corresponded to their version of Windows, and which update number includes other updates.

The utility that Let's Get Digital has developed works on Windows from Windows XP to the latest Windows 10. Simply download and run it and it will tell you whether you've installed the patch through Windows Updates that will keep you protected. This is a critical system update that you must have in order to be protected from this strain of attack!

Download our Vulnerability Checker FREE

You can download this file by clicking here (554kb executable) or for a compressed zip version (low bandwidth or metered connections) click here (147kb zip).

Changelog

1.0.0 - May 16, 2017:

  • Initial Release

1.1.0 - May 17, 2017:

  • Added support for Windows 10 Version 1703 (Creator's Update)
  • Added version number support in the "About" window

1.2.0 - June 15, 2017:

  • Updated the WannaCry MS17-010 update database to reflect the June monthly quality updates
  • Added support for the MS17-013 GDI vulnerability
  • Added the ability to download the patches to fix the MS17-013 vulnerability
  • Application renamed to "Vulnerability Checker" from "WannaCry Check" to reflect the above changes

Application screenshots:

Vulnerability Check Tool for WannaCry MS17-010 and MS17-013 GDI Vulnerability

'