ShoreTel have released Service Alert: SA17025 in response to Microsoft's hotfixes for the WannaCrypt ransomware worm.
Subject: Recent Microsoft Ransomware Vulnerability
Date: May 15, 2017
Microsoft recently release MS17-010 hotfix for ransomware vulnerability
Due to the severity of the Microsoft ransomware vulnerability patched in their MS17-010 hotfix, ShoreTel recommends applying the MS17-010 hotfix immediately to all your servers and workstations. The MS17-010 hotfix can be applied to servers/workstations with all versions of ShoreTel software. ShoreTel highly recommends performing a backup of your ShoreTel servers prior to any updates.
See Microsoft’s website at the URLs below for further information:
NOTE: ShoreTel’s standard recommendation is to upgrade to the current 14.x or Connect versions.
Blackstar Solutions advise all customers to verify all Windows-based ShoreTel servers (and client workstations) as soon as possible, and if necessary as a minimum apply the appropriate security only update, as follows:
Windows Server 2012 R2 (KB4012213)
Windows Server 2012 (KB4012214)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (4012212)
Windows Server 2008 for 32-bit Systems Service Pack 2 (4012598)
Summary instructions for installation:
- Using the links above, download the update for your partcuar operating system
- Perform a back up your server pror to any updates
- Launch the security update and follow on screen prompts to install
- Reboot the server upon completion
- Review Windows Update History to verify update was installed successfully
Updates can also be applied using the Monthly Update Rollout or Windows Update Service, depending on your company security policy.