Avaya Support Forums

Avaya Support Forums (http://support.avaya.com/forums/index.php)
-   Avaya Aura & Unified Communications (http://support.avaya.com/forums/forumdisplay.php?f=2)
-   -   WanaCry Vulnerability (http://support.avaya.com/forums/showthread.php?t=12755)

hughes8 05-15-2017 11:39 AM

WanaCry Vulnerability
 
Anyone having to address the WanaCry vulnerability on CallPilot? We're patched current through Hotfix SECPEP018S. I see no recourse for correction on a CallPilot server short of unplugging from the CLAN. Anyone seen an official statement from Avaya?

charlesc 05-16-2017 07:56 AM

WannaCry MS hotfix install on CallPilot HA or standalone
 
The hotfix for Windows 2003 (download from Microsoft web site): WindowsServer2003-KB4012598-x86-custom-ENU

To install the hotfix on a standalone CallPilot the hotfix can be installed without issue from the D:\temp folder.
-As always have your normal maintenance window actions complete
-Full backup
-Split RAID

To install the hotfix on a CallPilot HA you must install it on the Offline side of the HA pair.
-Stop Monitoring from the EMC AutoStart Console Split RAID on both servers.
Then you can bring the resource group back online.
-Install patch onto CallPilot 2 (CP2 being the Offline side) and reboot system.
-After reboot, fail over from CallPilot 1 to CallPilot 2 (If Telephony and AOS fail to start, manually start them from the EMC console or from the services management panel) Install Hotfix on CallPilot 1, reboot.
-Resync RAID
-Start Monitoring (if you prefer you can relocate resources back to CallPilot 1)

It is advised to have the latest hotfixes installed from CPSECPEP018S and if not a 202i or a 1006r then CPSECPEPSP2S installed as well.
These can be downloaded from the Avaya ESPL (these also should be installed on the offline side of a CallPilot HA pair).


mlombardi1 05-16-2017 10:55 AM

This is the only statement I've seen thus far.

Avaya became aware of the “WannaCry” ransomware attack on Friday, May 12, 2017. Avaya teams have assessed the risk related to servers and endpoints, as well as the risk introduced by external connections and partners, contractors, and vendors. At this time, Avaya has not identified any systems that have been impacted by the attack. Our Incident Response Team continues to work closely across internal operational groups to ensure all systems are appropriately patched. Avaya IT had already patched externally-facing systems, completed internal systems, and is pursuing outliers related to server decommission and offline endpoints. These systems are protected by advanced firewall services and anti-virus definitions. We will continue to proactively track activities for the initial attack vector, as well as any expected variants.

As it relates to applicable Avaya products, please ensure you have installed the March Microsoft Patch, MS17-010 Security Update: https://technet.microsoft.com/en-us/.../ms17-010.aspx. If you have any additional questions related to your Avaya product, please submit a ticket via support.avaya.com.

ocampm 06-06-2017 01:10 AM

WannaCry Patch for Windows Server 2003 SP1
 
Hi everyone,
Would like to know if this patch WindowsServer2003-KB4012598-x86-custom-ENU is also applicable to CallPilot running under Windows Server 2003 SP1? As far as the system requirement is concern, the requirement from Microsoft download page is Windows 2003 SP2.
Has anyone already tried to apply it to CallPilot on Windows 2003 SP1?
Thanks in advance!


Quote:

Originally Posted by charlesc (Post 31080)
The hotfix for Windows 2003 (download from Microsoft web site): WindowsServer2003-KB4012598-x86-custom-ENU

To install the hotfix on a standalone CallPilot the hotfix can be installed without issue from the D:\temp folder.
-As always have your normal maintenance window actions complete
-Full backup
-Split RAID

To install the hotfix on a CallPilot HA you must install it on the Offline side of the HA pair.
-Stop Monitoring from the EMC AutoStart Console Split RAID on both servers.
Then you can bring the resource group back online.
-Install patch onto CallPilot 2 (CP2 being the Offline side) and reboot system.
-After reboot, fail over from CallPilot 1 to CallPilot 2 (If Telephony and AOS fail to start, manually start them from the EMC console or from the services management panel) Install Hotfix on CallPilot 1, reboot.
-Resync RAID
-Start Monitoring (if you prefer you can relocate resources back to CallPilot 1)

It is advised to have the latest hotfixes installed from CPSECPEP018S and if not a 202i or a 1006r then CPSECPEPSP2S installed as well.
These can be downloaded from the Avaya ESPL (these also should be installed on the offline side of a CallPilot HA pair).




All times are GMT -7. The time now is 08:01 PM.