What exactly is MS17-010 meant to define? Is it a Microsoft news bulletin, a software vulnerability, a name of a Trojan ransomware virus? Scanning Google searches, the code MS17-010 is being used to mean all of the preceding? I look forward to your feedback.
2017年5月13日 - This vulnerability is addressed by Microsoft Bulletin MS17-010, which is also included in OS-specific Security Bulletin (roll-ups) SB17-002, …
WannaCry Ransomware and MS17-010 Vulnerability - F5 DevCentral https://devcentral.f5.com/.../wannacry-ransomware-and-ms17-010-vuln…
WannaCry Ransomware and MS17-010 Vulnerability. Updated 4 days ago• Originally posted on 16-May-2017 by Gal Goldshtein F5. article big-ip irules …
Check for MS17-010 hotfixes. Powershell. WannaCry. - Script Center … https://community.spiceworks.com/.../4038-check-for-ms17-010-hotfix…
2017年5月15日 - the script simply checks the system it’s run on for hotfixes listed in the MS17-010 bulletin. i got the base of this script from: …
MS17-010 (aka WannaCry ransomware) : msp - Reddit https://www.reddit.com/r/msp/.../ms17010_aka_wannacry_ransomware/
2017年5月15日 - Won’t bore you all with media recaps, but it’s been an interesting weekend to say the least. Thanks to the way Microsoft issues patches, there …
There you can read exactly what the name refers to. Essentially it describes
A) That there’s a known security problem.
B) It applies to these specific versions of these specific products.
C) Broadly what the problem is and how severe it is.
D) What (if anything) you can do to patch your systems to resolve the problem.
E) What (if anything) you can do before patching to minimize or eliminate your risk.
Once one of these bulletins gets published, its name becomes one of several *de facto *shorthand terms referring to any or all of the malware itself, the outbreak of the malware, the consequences of the outbreak, the response to the outbreak, etc., etc.
The taxonomy of Microsoft Security stuff is… complicated.
An MS Security Bulletin is, as mentioned upthread, marked by year issued (2 digits) and sequential bulletin number of that year (3 digits).
The patch to address an issue documented in an MS Security Bulletin is usually “packaged” in a Microsoft Knowledge Base number. This KB number may vary for different versions of Windows, or may be one “universal” knowledge base for all versions of a product.
The “overarching” KB number associated with MS17-010 is KB4013389. This is an informational page with no downloads directly labeled with that KB number. The article itself contains pointers to version-specific KB numbers with the actual downloadable patch for different supported versions of the OS. For instance, Windows 7 KB4012212 for a “security only” combined patch for his bulletin, or KB4012215 for a “monthly rollup” patch with this fix and others for the issuing month.
This is why automating patch discovery is usually just easier (assuming it works correctly).