|
Post by Delta9 on May 14, 2017 13:29:24 GMT
It was very easily preventable, the exploit was patched 3 months ago so any up to date computers were fine. Disagree, you can't easily update the many systems that the NHS use automatically and blindly. Well they were managing to do it previously until the government stopped paying for support.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on May 14, 2017 13:38:24 GMT
Disagree, you can't easily update the many systems that the NHS use automatically and blindly. Well they were managing to do it previously until the government stopped paying for support. Is there any evidence though that NHS PC's that dont have XP on them haven't been affected? Or is it only XP machines? My understanding is newer OS's have been affected too - if they haven't been patched. That would only count as an 'excuse' for not doing it for XP machines surely which is the support the govt. stopped paying for.
|
|
|
Post by Robbo on May 14, 2017 13:40:54 GMT
Disagree, you can't easily update the many systems that the NHS use automatically and blindly. Well they were managing to do it previously until the government stopped paying for support. still disagree, they never automatically and blindly updated systems. It's okay to do it at a firm where you have standard applications and it doesn't hurt anyone apart from financially when you do upgrade, but when you have systems controlling health equipment or PC's in operating theatres just for admin, you don't want that system to start upgrading itself. They have to planned.
|
|
|
Post by Robbo on May 14, 2017 13:45:25 GMT
Well they were managing to do it previously until the government stopped paying for support. Is there any evidence though that NHS PC's that dont have XP on them haven't been affected? Or is it only XP machines? My understanding is newer OS's have been affected too - if they haven't been patched. That would only count as an 'excuse' for not doing it for XP machines surely which is the support the govt. stopped paying for. It's a security flaw in SMB v1 which is still enabled in Windows 10. My guess is that as for most trusts it's been less than a day to recover it was a reaction to shut down all machines to stop it spreading as they didn't know the full cause or if it was a zero day thing.
|
|
|
Post by Delta9 on May 14, 2017 13:46:00 GMT
Well they were managing to do it previously until the government stopped paying for support. still disagree, they never automatically and blindly updated systems. It's okay to do it at a firm where you have standard applications and it doesn't hurt anyone apart from financially when you do upgrade, but when you have systems controlling health equipment or PC's in operating theatres just for admin, you don't want that system to start upgrading itself. They have to planned. It's not hard to plan and implement an important security patch.
|
|
|
Post by Robbo on May 14, 2017 13:53:08 GMT
still disagree, they never automatically and blindly updated systems. It's okay to do it at a firm where you have standard applications and it doesn't hurt anyone apart from financially when you do upgrade, but when you have systems controlling health equipment or PC's in operating theatres just for admin, you don't want that system to start upgrading itself. They have to planned. It's not hard to plan and implement an important security patch. Who says it was important? Okay time has told this one was important, but important ones come out every month. Also The application may need testing to confirm that it is fully functional health wise before any patch is implemented.
|
|
|
Post by Delta9 on May 14, 2017 14:37:14 GMT
It's not hard to plan and implement an important security patch. Who says it was important? Okay time has told this one was important, but important ones come out every month. Also The application may need testing to confirm that it is fully functional health wise before any patch is implemented. Microsoft said it was important. The exploit was leaked from NSA files a while ago, MS responded with a patch.
|
|
|
Post by Robbo on May 14, 2017 14:57:40 GMT
Who says it was important? Okay time has told this one was important, but important ones come out every month. Also The application may need testing to confirm that it is fully functional health wise before any patch is implemented. Microsoft said it was important. The exploit was leaked from NSA files a while ago, MS responded with a patch. Microsoft always has number of important updates that say it's important. This particular vunrability patch was only available a couple of months ago, the NSA leak (free one) was about 6 weeks ago.
|
|
|
Post by Stumpy on May 14, 2017 14:57:50 GMT
Apparently a lot of NHS computers are still running on Windows XP, which is no longer supported and rather vulnerable. Im currently at work (met police communications HQ) and operating system here is.......yep.....XP Nothing to do woth lack of money.......just lack of foresight I recently sent some of my business files to our Natwest branch. Our "Business Relations Manager " said he couldn't open them, because Natwest were still running XP.
|
|
Deleted
Deleted Member
Posts: 0
|
Post by Deleted on May 14, 2017 15:25:33 GMT
Has Jeremy Hunt commented yet? ...
|
|
|
Post by Delta9 on May 14, 2017 15:49:47 GMT
Microsoft said it was important. The exploit was leaked from NSA files a while ago, MS responded with a patch. Microsoft always has number of important updates that say it's important. This particular vunrability patch was only available a couple of months ago, the NSA leak (free one) was about 6 weeks ago. The patch was 3 months ago, not long after the leak. I'm not sure why you keep trying to excuse them for having chronically out of date computers.
|
|
|
Post by Robbo on May 14, 2017 16:01:31 GMT
Microsoft always has number of important updates that say it's important. This particular vunrability patch was only available a couple of months ago, the NSA leak (free one) was about 6 weeks ago. The patch was 3 months ago, not long after the leak. I'm not sure why you keep trying to excuse them for having chronically out of date computers. The patch came out in March and the leak was freely available a couple of weeks after.
|
|
|
Post by Robbo on May 14, 2017 16:14:26 GMT
The patch was 3 months ago, not long after the leak. I'm not sure why you keep trying to excuse them for having chronically out of date computers. The patch came out in March and the leak was freely available a couple of weeks after. Actually looking at the dates, it was a month after it was patched that the tools were freely released, not two weeks as I stated. The patch came March 14th, tools April 14th which is when Microsoft highlighted the flaw in SMB.
|
|
|
Post by Delta9 on May 14, 2017 16:19:49 GMT
The patch was 3 months ago, not long after the leak. I'm not sure why you keep trying to excuse them for having chronically out of date computers. The patch came out in March and the leak was freely available a couple of weeks after. I'm not sure what point you are trying to make. The leak was available before that, but it isn't particularly relevant. The fact is that the exploit and the patch that fixes it have been about for a while, but the NHS wouldn't have had access to the patch as they stopped paying for support 3 years ago...
|
|
|
Post by Delta9 on May 14, 2017 16:21:23 GMT
The patch came out in March and the leak was freely available a couple of weeks after. Actually looking at the dates, it was a month after it was patched that the tools were freely released, not two weeks as I stated. The patch came March 14th, tools April 14th which is when Microsoft highlighted the flaw in SMB. So how does this support the NHS using unsupported computers for 3 years. God knows what other old exploits they ere vulnerable to.
|
|