Verint - MS17-010 can be applied to all systems

Doc ID    SOLN310300
Version:    3.0
Status:    Published
Published date:    01 Jun 2017
Created Date:    29 May 2017
Author:   
Taki
 

Details

Applies officially to all Verint based systems.

Problem Clarification

Customer would like to know whether installing Microsoft Security Bulletin MS17-010 - Critical Security Update for Microsoft Windows SMB Server (4013389) could cause problems with ACR

Cause

Customer would like to install MS17-010 on their ACR system to protect against Wanacry ransomware

Solution

Verint's official answer:

Field Alert – Critical Microsoft Security Bulletin MS17-010 (Ransomware)

A large ransomware outbreak affecting some Windows systems is in effect today, with a report from the SANS Institute's Internet Storm Center estimating 45,000 attacks in 74 countries.

The ransomware is identified as "WannaCry" and is targeting a Windows Server Message Block (SMB) flaw that was addressed with Microsoft's March MS17-010 "critical" security bulletin release. The Internet Storm Center also identified this flaw as "ETERNALBLUE."

The impact of this vulnerability on our suite is not unique and its mitigation is the same as provided by MS17-010 for the various operating systems.

Based on our policy for Microsoft KBs, the KBs provided in MS17-010 can be applied on our servers and desktops.

 

Following the above there have been inquiries regarding a recommendation on disabling SMB.

·         SMBv1 can be disabled if requested by a customer.

·         SMBv2 should not be disabled.

 

Additional Relevant Phrases

Scopia

Avaya -- Proprietary. Use pursuant to the terms of your signed agreement or Avaya policy