A widespread cyberattack is currently underway on Windows-based servers and desktops across the globe. Here's what you should know.
The vulnerability that is being exploited was patched by Microsoft in a critical update on March 14 for versions of Windows that are within their support life cycle (from Windows Server 2008 forward for servers).
If you are on a supported version of Windows and have automatic updates enabled, you should already be protected. Check if you have the latest updates installed, in particular MS7-010 which directly addresses this vulnerability.
For our managed customers, we have confirmed today that the update has been installed on your servers where possible or we have disabled the functionality containing the vulnerability in most cases. For unmanaged customers, we would recommend checking your server's update status as soon as possible to ensure that you are protected.
This vulnerability also affects desktop computers running Windows, and while versions from Vista forward are protected by the above critical update, as Windows XP has been out of support since 2014 there are no security updates for this vulnerability for Windows XP.
More technical information on the vulnerability is available in this article from Kaspersky Lab for those that are interested. As always, if you have any questions or concerns about this with regard to your services at SiteHost, don't hesitate to get in touch.