Home > Internet > Ngăn chặn sự tấn công của virus wanna cry

Ngăn chặn sự tấn công của virus wanna cry

Để ngăn chặn Virus wanna cry chúng ta nên cập nhật bản mới nhất của hệ điều hành windows,  Để update các bạn truy cập vào link sau:

Để xem windows của mình thuộc phiên bản nào, bao nhiêu bit:

click phải vào my computer (this PC) giống trong ảnh -> chọn propertice

xem phien ban he dieu hanh
xem phien ban he dieu hanh

Danh sách bản vá

Hệ Điều Hành Windows SMB Remote Code Execution Vulnerability – CVE-2017-0143 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0144 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0145 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0146 Windows SMB Information Disclosure Vulnerability – CVE-2017-0147 Windows SMB Remote Code Execution Vulnerability – CVE-2017-0148 Cập nhậT
Windows Vista
Windows Vista Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Vista x64 Edition Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 for x64-based Systems Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 for Itanium-based Systems Service Pack 2
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows 7
Windows 7 for 32-bit Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 7 for 32-bit Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows 7 for x64-based Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 7 for x64-based Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows 8.1
Windows 8.1 for 32-bit Systems
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 8.1 for 32-bit Systems
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows 8.1 for x64-based Systems
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows 8.1 for x64-based Systems
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012
(4012214)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012
(4012217)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205409
Windows Server 2012 R2
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012 R2
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows RT 8.1
Windows RT 8.1[2]
(4012216)
Monthly Rollup
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows 10
Windows 10 for 32-bit Systems [3]
(4012606)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210720
Windows 10 for x64-based Systems [3]
(4012606)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210720
Windows 10 Version 1511 for 32-bit Systems [3]
(4013198)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210721
Windows 10 Version 1511 for x64-based Systems [3]
(4013198)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3210721
Windows 10 Version 1607 for 32-bit Systems [3]
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986
Windows 10 Version 1607 for x64-based Systems [3]
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986
Windows Server 2016
Windows Server 2016 for x64-based Systems [3]
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986
Server Core installation option
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
(4012598)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3177186 in MS16-114
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(4012212)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(4012215)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3212646
Windows Server 2012 (Server Core installation)
(4012214)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012 (Server Core installation)
(4012217)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205409
Windows Server 2012 R2 (Server Core installation)
(4012213)
Security Only[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
None
Windows Server 2012 R2 (Server Core installation)
(4012216)
Monthly Rollup[1]
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3205401
Windows Server 2016 for x64-based Systems [3](Server Core installation)
(4013429)
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Critical
Remote Code Execution
Important
Information Disclosure
Critical
Remote Code Execution
3213986

Đường dẫn chính thức chứa các file cập nhật của MS

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Đường dẫn cho những hệ điều hành cũ hơn  (Windows XP, Windows Server 2003 R2), MS cũng không quên đưa ra những bán vá lỗi cho những hệ điều hành mà hãng này đã thông báo khai từ vào năm ngoái

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Đóng các port 135 và 445

Theo gi nhận từ công ty phòng chống virus, Wcrypt xâm nhập máy tính thông qua các cổng SMB (Server Message Block). Để ngăn chặn sự xâm nhập, bạn nên chặn các cổng 135 và 445 vì thông qua cổng này virus xâm nhập vào hầu hết các hoạt động của bạn: như website, email, ứng dụng…. những chương trình phổ biến mà người dùng sử dụng.

Để đóng các cổng này bạn làm theo hướng dẫn sau: 

Mở comander với quyền administrator

hình hướng dẫn chặn port 135
hình hướng dẫn chặn port 135

cmd.exe -> run as administrator. thực hiện 2 lệnh sau:

netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=135 name="Block_TCP-135"

netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445"

Khóa chức năng hỗ trợ SMBv1:  ngăn chặn sự lây lan virus trong mạng nội bộ

Chạy lệnh này trong cmd (chạy dưới dạng quản trị viên).

dism /online /norestart /disable-feature /featurename:SMB1Protocol
tat chuc nang SMBv1
tat chuc nang SMBv1

Bên cạch đó sáng nay công ty BKAV cũng vừa tuyên bố phát hành bộ công cụ kiểm tra wanna cry miễn phí. 
các bạn có thể truy cập vào website của BKAV để tài về kiểm tra. 
kiem tra virus wana cry
kiem tra virus wana cry
Trương Dương

Sữa chữa máy tính tại nhà|Sữa chữa laptop|Nạp mực máy in