防範加密勒索軟體WannaCry(WanaCrypt0r 2.0) 的新型變種勒索病毒

近日加密勒索軟體WannaCry(WanaCrypt0r 2.0) 的新型變種勒索病毒正利用 Windows漏洞(MS17-010漏洞)肆虐,受感染的電腦將會有大量檔案被加密,並且要求高價比特幣贖金。

此波勒索軟體攻擊是利用微軟伺服器訊息區塊(SMB)協定存在數個安全漏洞,台灣受影響的電腦以 Windows XP/Vista/7/8/8.1居多,作業系統請立刻進行 Windows Update 檢查並安裝更新。

已與行政院資安處密切聯繫,已初步將該加密勒索軟體的惡意IP列為黑名單並予以阻擋。請各位務必做好下列檢測與更新事項:
一、先進行自我檢測:
1.關閉網路連線(無線、有線均關閉)
2.檢視工作管理員(同時按Alt+Ctrl+Del)>處理程序,若是看到此兩隻程式:tasksche.exe 或 mssecsvc.exe,即刻關機(立即拔掉電源),並洽資訊人員協助處理。
3.若無中勒索病毒現象,即刻將重要資料備份,備份資料離線保管。
二、再進行系統更新:
1.確實持續更新電腦的作業系統、應用程式及防毒軟體等至最新版本。
(1)微軟官方已針對此勒索軟體利用之弱點釋出修復程式,請儘速進行windows update更新
(詳細說明請參考微軟官方網頁https://technet.microsoft.com/zh-tw/library/security/ms17-010.aspx)。
(2)目前微軟 Windows XP與 Vista 已經不再會有任何更新,建議考慮將 Windows 升級到最新版作業系統(Windows 10)。
(3) 針對此次漏洞不同作業系統版本所發布之修補程式(點選超連結下載)。
· Windows Server 2003 SP2 x64 :http://download.windowsupdate.com/d/csa/csa/secu/2017/02/windowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe
· Windows Server 2003 SP2 x86 :https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fc%2Fcsa%2Fcsa%2Fsecu%2F2017%2F02%2Fwindowsserver2003-kb4012598-x86-custom-enu_f617caf6e7ee6f43abe4b386cb1d26b3318693cf.exe&h=ATMhrpBoSeav_VkrGubeLttXsHrT1MIeUYQV1GsB_8S9qDcmCmoegfvPG-jjS34Gxs9cAIE49VFPlvvTNlzmLo3dKvTp2S4Oc0ZL593YaJ7TYouV1QkpdRBknl4yXMXMQhZHbAHSJ5U&s=1
· Windows XP SP2 x64 :https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fd%2Fcsa%2Fcsa%2Fsecu%2F2017%2F02%2Fwindowsserver2003-kb4012598-x64-custom-enu_f24d8723f246145524b9030e4752c96430981211.exe&h=ATMbPMiNdZVHNy_yvZJD1SXLoKRzRtLFbDEVfQbbe9cm0-mMMNjJrW9NKOtkrd_Nq1Lz09CkGkWKOZzgEOqcb7xk1HNT7UKvsxEWsKbi9_fRRMK4wDGc98ur9wOar6cMftTlGkTeEaw&s=1
· Windows XP SP3 x86 :https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fd%2Fcsa%2Fcsa%2Fsecu%2F2017%2F02%2Fwindowsxp-kb4012598-x86-custom-enu_eceb7d5023bbb23c0dc633e46b9c2f14fa6ee9dd.exe&h=ATOq0YQwC8s2P0HCJMO13mhlBRBfJtvOVCYsBjqoIU4tAL1Sekwco9NJwqExoTjXLqPotn4SJpw6QxRBA5zXBnFi-e6FtzQU9M7y9pQoEAlA9HV5rZck0XPCZPWVEN5Nx0V3UkfgotA&s=1
· Windows XP Embedded SP3 x86 :https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fc%2Fcsa%2Fcsa%2Fsecu%2F2017%2F02%2Fwindowsxp-kb4012598-x86-embedded-custom-enu_8f2c266f83a7e1b100ddb9acd4a6a3ab5ecd4059.exe&h=ATPIhktfV65q70jpGBDC0rRGa6Tv1A79Dk7WgjpVQ3NjBrSUYWLxz-2Tagzoj6TofN-s_KvpO1jiO4Az3gZUWnINRDXAlya7LJrEpSXTtJ_jDW5UO3HNY9rjXyjzl6h-1VzqV1itOBw&s=1
· Windows 7 x64: https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fc%2Fmsdownload%2Fupdate%2Fsoftware%2Fsecu%2F2017%2F05%2Fwindows6.1-kb4019264-x64_c2d1cef74d6cb2278e3b2234c124b207d0d0540f.msu&h=ATPdJijGPZuYB6wOxWGDhZbzP3-Awct7MPhB_6lcve7_IeFbbf2dxzlIVzF_VWeK0X20j6nm2IVdoGWYdOSTtz0i0IKV7yNFNaHJ_2M0WWX94iP0T5h92bIB-UfajUcSc-eaO4DcU94&s=1
· Windows 7 x32:https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fc%2Fmsdownload%2Fupdate%2Fsoftware%2Fsecu%2F2017%2F05%2Fwindows6.1-kb4019264-x86_aaf785b1697982cfdbe4a39c1aabd727d510c6a7.msu&h=ATPSliSmz9vS2SHIPP9UMzYIg0TtCWrz7y789vYKKjaPVk3jBH-SoUz3F3exwF6uGufjwSOCWina3FAcEtNd4_ps5J4sRZA0utABAWlOfwTmRB9vgGYmwnNwDsN9N6RHek9NibYk6c8&s=1
· Windows 8 x86 :https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fc%2Fmsdownload%2Fupdate%2Fsoftware%2Fsecu%2F2017%2F05%2Fwindows8-rt-kb4012598-x86_a0f1c953a24dd042acc540c59b339f55fb18f594.msu&h=ATNAZ_BawoHC-Md3QIHkCRk0M9GXwoHow6GDJL2i-ss2kBUsiMWGspGihWHsPpK2KU7SqBQ_sXTD_rPj46dCQATAWGswYcRGoT9x6Kb2dWZDmbXBavHWRCVcMLC70m0y786m-fwqyqM&s=1
· Windows 8 x64 :https://l.facebook.com/l.php?u=http%3A%2F%2Fdownload.windowsupdate.com%2Fc%2Fmsdownload%2Fupdate%2Fsoftware%2Fsecu%2F2017%2F05%2Fwindows8-rt-kb4012598-x64_f05841d2e94197c2dca4457f1b895e8f632b7f8e.msu&h=ATNCzpcFs8CzMKPYY8mypmdNK8yH42ylnkqrKYx7x47eX7dSLL7ML8Ut1gb-UWxCiUmCVZF_vBe9GLYIc8jHNdzO-cdAzHSmS6R_ihbaQK7O9h-L9qqt5bGItR_5fq7v3tA9PGJC_6o&s=1
2. 若電腦中原無安裝防毒軟體,可下載微軟官方所提供之防毒軟體Windows Defender,
可針對系統中的惡意程式WannaCryptor提供偵測並清除。Windows Defender下載位置:
https://support.microsoft.com/zh-tw/help/14210/security-essentials-download