网络安全

网络安全

当前位置: 首页 > 网络安全 > 正文

防范勒索病毒的SMB漏洞补丁打不上如何处理

作者: 日期:2018-12-26浏览:

勒索病毒大规模爆发虽然过去很久了,但偶尔仍会看到有中毒或变种的报道。

在实际工作中发现,有些服务器系统由于各种原因,使用第三方工具或系统自带的windows updata,都不能安装SMB漏洞补丁。

解决这个问题,大家可以通过手工下载smb补丁的形式,进行安装。

安装之后再进行检测,就不会再显示漏洞提示。


各版本补丁地址如下:

WIN7,2008和2012操作系统,打不上补丁的同学(提示“此更新不适用于您的计算机”),可以详见更新说明

特别提醒:

1、确保135,137,139,445端口已通过路由器、端口策略,防火墙封闭的,或者其他安全工具(比如360NSA武器库免疫工具:http://dl.360safe.com/nsa/nsatool.exe)补丁过的,可以不打微软补丁,但若不清楚或者不确定的,请务必打上微软的补丁

2、2008和2003、XP必打,现在均有漏洞批量利用工具

2012和2016好一些没有大面积被黑,但是都建议打上对应补丁,因为没有批量利用工具做出来,不代表这个漏洞是无法利用的,有可能只是工具还没开发出来而已,打上更安全

以下为20170513微软最新发布的XP和2003特别版补丁

20170513微软发布了Windows XP和Windows 2003的ms17-010特别版补丁,详情请看以下链接

-------------------------------

winxp特别补丁 - KB4012598

-------------------------------

winxp sp3 32位 Security Update for Windows XP SP3 (KB4012598)

http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsxp-kb4012598-x86-custom-chs_dca9b5adddad778cfd4b7349ff54b51677f36775.exe

winxp sp2 64位 Security Update for Windows XP SP2 for x64-based Systems (KB4012598)

http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe

-------------------------------

win2003特别补丁 - KB4012598

-------------------------------

win2003 32位(支持win2003 SP2和R2 SP2) Security Update for Windows Server 2003 (KB4012598)

http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x86-custom-chs_b45d2d8c83583053d37b20edf5f041ecede54b80.exe

win2003 64位(支持win2003 SP2和R2 SP2) Security Update for Windows Server 2003 for x64-based Systems (KB4012598)

http://download.windowsupdate.com/c/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-chs_68a2895db36e911af59c2ee133baee8de11316b9.exe

以下为2008R2 SP1、2012R2、2016补丁

-------------------------------

2008R2 SP1补丁 KB4012212、KB4012215(两个补丁都需要打)

-------------------------------

March, 2017 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4012212)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x64_2decefaa02e2058dcd965702509a992d8c4e92b3.msu

March, 2017 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4012215)

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows6.1-kb4012215-x64_a777b8c251dcd8378ecdafa81aefbe7f9009c72b.msu

打不上的同学(提示“此更新不适用于您的计算机”)可能用的是2008R2(而非2008R2 SP1),请先打SP1升级补丁,升级为2008R2 SP1,才能打上这2个补丁

Windows Server 2008 R2 Service Pack 1 (KB976932)

https://download.microsoft.com/download/0/A/F/0AFB5316-3062-494A-AB78-7FB0D4461357/windows6.1-KB976932-X64.exe

怎么看版本,同时按Windows键+R键,在运行对话框中输入winver,显示的是

内部版本7600(2008R2)

内部版本是7601(2008R2 SP1)

如果还打不上,可以查看下是否已经打上了后续的滚动补丁包,如果已经打过后面的滚动补丁包(包含前面的所有补丁),就无需再打上面这2个补丁

-------------------------------

2012R2补丁 KB4012213、KB4012216(两个补丁都需要打)

-------------------------------

March, 2017 Security Only Quality Update for Windows Server 2012 R2 (KB4012213)

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/02/windows8.1-kb4012213-x64_5b24b9ca5a123a844ed793e0f2be974148520349.msu

March, 2017 Security Monthly Quality Rollup for Windows Server 2012 R2 (KB4012216)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows8.1-kb4012216-x64_cd5e0a62e602176f0078778548796e2d47cfa15b.msu

打不上的同学(提示“此更新不适用于您的计算机”)可能用的是2012R2(2013发布)原始版本(而非2014年底发布的2012R2 with Update),需要先升级以下3个补丁,才能打上面这2个补丁

KB2919442

https://download.microsoft.com/download/D/6/0/D60ED3E0-93A5-4505-8F6A-8D0A5DA16C8A/Windows8.1-KB2919442-x64.msu

clearcompressionflag.exe

https://download.microsoft.com/download/2/5/6/256CCCFB-5341-4A8D-A277-8A81B21A1E35/clearcompressionflag.exe

KB2919355

https://download.microsoft.com/download/2/5/6/256CCCFB-5341-4A8D-A277-8A81B21A1E35/Windows8.1-KB2919355-x64.msu

如果还打不上,可以查看下是否已经打上了后续的滚动补丁包,如果已经打过后面的滚动补丁包(包含前面的所有补丁),就无需再打上面这2个补丁

-------------------------------

2016补丁 KB4013429

-------------------------------

Cumulative Update for Windows Server 2016 for x64-based Systems (KB4013429)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows10.0-kb4013429-x64_ddc8596f88577ab739cade1d365956a74598e710.msu

以下为Windows Vista SP2 、win7 SP1、Windows 8.1、win10 1607补丁

-------------------------------

Windows Vista SP2 补丁 KB4012598

-------------------------------

Windows Vista SP2 32位

Security Update for Windows Vista (KB4012598)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.0-kb4012598-x86_13e9b3d77ba5599764c296075a796c16a85c745c.msu

Windows Vista SP2 64位

Security Update for Windows Vista for x64-based Systems (KB4012598)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.0-kb4012598-x64_6a186ba2b2b98b2144b50f88baf33a5fa53b5d76.msu

-------------------------------

win7 SP1补丁 KB4012212、KB4012215(两个补丁都需要打)

-------------------------------

win7 SP1 32位

March, 2017 Security Only Quality Update for Windows 7 (KB4012212)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x86_6bb04d3971bb58ae4bac44219e7169812914df3f.msu

March, 2017 Security Monthly Quality Rollup for Windows 7 (KB4012215)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows6.1-kb4012215-x86_e5918381cef63f171a74418f12143dabe5561a66.msu

win7 SP1 64位

March, 2017 Security Only Quality Update for Windows 7 for x64-based Systems (KB4012212)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/02/windows6.1-kb4012212-x64_2decefaa02e2058dcd965702509a992d8c4e92b3.msu

March, 2017 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4012215)

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows6.1-kb4012215-x64_a777b8c251dcd8378ecdafa81aefbe7f9009c72b.msu

打不上的同学(提示“此更新不适用于您的计算机”)可能用的是WIN7(而非WIN7 SP1),请先打SP1升级补丁,升级为WIN7 SP1,才能打上这2个补丁

Windows7 Service Pack 1 (KB976932) 32位 SP1补丁

https://download.microsoft.com/download/0/A/F/0AFB5316-3062-494A-AB78-7FB0D4461357/windows6.1-KB976932-X86.exe

Windows7 Service Pack 1 (KB976932) 64位 SP1补丁

https://download.microsoft.com/download/0/A/F/0AFB5316-3062-494A-AB78-7FB0D4461357/windows6.1-KB976932-X64.exe

怎么看版本,同时按Windows键+R键,在运行对话框中输入winver,显示的是

内部版本7600(WIN7)

内部版本是7601(WIN7 SP1)

-------------------------------

Windows 8.1补丁 KB4012213、KB4012216(两个补丁都需要打)

-------------------------------

Windows 8.1 32位

March, 2017 Security Only Quality Update for Windows 8.1 (KB4012213)

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/02/windows8.1-kb4012213-x86_e118939b397bc983971c88d9c9ecc8cbec471b05.msu

March, 2017 Security Monthly Quality Rollup for Windows 8.1 (KB4012216)

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows8.1-kb4012216-x86_d4facfdaf4b1791efbc3612fe299e41515569443.msu

Windows 8.1 64位

March, 2017 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB4012213)

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/02/windows8.1-kb4012213-x64_5b24b9ca5a123a844ed793e0f2be974148520349.msu

March, 2017 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB4012216)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows8.1-kb4012216-x64_cd5e0a62e602176f0078778548796e2d47cfa15b.msu

-------------------------------

win10 1607补丁 KB4013429

-------------------------------

win10 1607 32位

Cumulative Update for Windows 10 Version 1607 (KB4013429)

http://download.windowsupdate.com/c/msdownload/update/software/secu/2017/03/windows10.0-kb4013429-x86_8b376e3d0bff862d803404902c4191587afbf065.msu

win10 1607 64位

Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB4013429)

http://download.windowsupdate.com/d/msdownload/update/software/secu/2017/03/windows10.0-kb4013429-x64_ddc8596f88577ab739cade1d365956a74598e710.msu

首发Hostloc.com,Captain 20170513整理,20170520更新,转载请务必保留此行


作者:loveceo
链接:https://www.jianshu.com/p/5856a25662e3
來源:简书
简书著作权归作者所有,任何形式的转载都请联系作者获得授权并注明出处。


原文链接:

https://www.vpsdx.com/2822.html

https://www.jianshu.com/p/5856a25662e3