Office 3. 65 Windows blog presented by Cengage Learning. The following post is by guest blogger and Cengage author Dr. Mark Ciampa. Over the past few days a malicious attack has shut down computers around the world. However, the quick actions by a security researcher prevented it from becoming a major catastrophe. This global attack distributed one of the fastest growing types of malware known as ransomware. Describes an update that provides updated definitions for compatibility diagnostics performed on Windows 10 Version 1607, Windows 10 Version 1511, Windows 8. Microsoft recently rolled out a long list of Patch Tuesday updates to Microsoft Office 2016, 2013, 2010, and Office 2007. As a quick reminder, Office 2007. To install WordPerfect Office X3 Service Pack 1. Restart your computer. Close all open applications, including any virusscanners and DAD. Lottery Pick-3 Software S. Download the update to your. Ransomware prevents a users device from properly and fully functioning until a fee is paid. The ransomware embeds itself onto the computer in such a way that it cannot be bypassed, and even rebooting causes the ransomware to launch again. Ransomware continues to be a serious threat to users. One recent report estimated that 1 billion was paid in ransom in one year, yet only 4. Enterprises are also prime targets. A recent survey revealed that almost half of all enterprises have been a victim of a ransomware attack. Several recent well publicized ransomware attacks demanding higher ransoms were against Hollywood Presbyterian Medical Center 1. Los Angeles Valley College 2. San Franciscos Municipal Transportation Agency 7. Crypto Malware. An ever more malicious form of ransomware has recently appeared. Instead of just blocking the user from accessing the computer, this ransomware encrypts all the files on the device so that none of them could be opened. This is called crypto malware. A screen appears telling the victim that his files are now encrypted and a fee must be paid in order to receive a key to unlock them. BayAuctions/0lchlibreoffice/images/000_9456_large.jpeg' alt='Microsoft Office Compatibility Patch' title='Microsoft Office Compatibility Patch' />In addition, threat actors increased the urgency for payment the cost for the key to unlock the crypto malware increases every few hours or a number of the encrypted user files are deleted every few hours, with the number continually increasing. And if the ransom is not paid promptly often within 3. On Friday May 1. The malware, known as Wanna, Wannacry, or Wcry, initially infected at least 7. Russia was the victim of the highest number of attacks by a wide margin, followed by Ukraine, India, and Taiwan. Ransomware infections also spread through the United States. The Wcry ransom is 3. If they did not pay in one week then the ransomware threatened to delete the files altogether. Eternal. Blue. There were two elements that made this attack unique. First, the ransomware was written with ransom demands in over two dozen languages, so it clearly was intended to be a global attack. Second, the ransomware exploited a vulnerability called Eternal. Blue, first uncovered by the National Security Agency NSA which was using it as part of its own arsenal in attacking and spying on other nations This Eternal. Blue code was stolen from the NSA and leaked to the world last month by a group calling itself Shadow Brokers. The Wcry ransomware copied virtually verbatim large sections of Eternal. Blue. In the initial hours of the attack wide spread concern quickly grew that this would cripple computers around the world and become a major cybersecurity attack. However, just a quickly as it started it suddenly died down. What happened How Was This Attack Taken Down A British security researcher who was following the initial attack received a sample of the malware code and quickly analyzed it. He saw that the malware contacted an attackers command and control C C server that was based on an unregistered domain. JPG' alt='Office Compatibility Patch' title='Office Compatibility Patch' />As part of the normal protocol of security researchers who try to limit attacks, he promptly registered the domain so that now he controlled it and not the attackers. As it turned out, this was a major stroke of luck. The attackers who wrote the code included an instruction to try to circumvent it from being analyzed. Wcry ransomware attempted to connect to the specific domain used by the attackers if the connection is NOT successful the ransomware leaps into action and locks up the computer, but if it IS successful the malware exits. By registering the domain and taking control of it this British security researcher saved the day all instances of Wcry did connect to the domain after it was registered and thus did nothing. This significantly crippled WCry. As of the first of this week May 1. Bitcoin wallets linked to the code in the malware earning the attackers only 7. This is a far cry from what could have happened. So what are the lessons learned As with many attacks, WCrys initial success was based on an oft repeated user mistake not keeping their computers patched. The vulnerability in Windows that was exploited by WCry Apple computers are not impacted was actually patched back on March 1. Had users patched their computers, Wcry could not have spread as it did. Microsoft also took the unprecedented step of creating a patch for the Windows 8, Windows XP, and Windows Server 2. Apply the Patch Now. It appears that there are some variations of WCry still circulating without the kill switch, so vigilence is still the word. If you have a Windows 1. Windows verion you can apply the patch here. To read the technical details of the attack you can go here. To read about the attack from information written by the British researcher go to the Ars Technica site here. Stay secure Dr. Mark Ciampa is an Associate Professor of Information Systems in the Gordon Ford College of Business at Western Kentucky University in Bowling Green, Kentucky. Prior to this he was an Associate Professor and served as the Director of Academic Computing at Volunteer State Community College in Gallatin, Tennessee for 2. Mark has worked in the IT industry as a computer consultant for the U. S. Postal Service, the Tennessee Municipal Technical Advisory Service, and the University of Tennessee. He has published 1. Security Guide to Network Security Fundamentals 5ed, CWNA Guide to Wireless LANs 2ed, Guide to Wireless Communications, Security Awareness Applying Practical Security In Your World 5ed, and Networking BASICS. Dr. Ciampa holds a Ph. D in technology management with a specialization in digital communication systems from Indiana State University and also has certifications in Security and HIT. Here is the complete list of Microsoft Office updates. Microsoft recently rolled out a long list of Patch Tuesday updates to Microsoft Office 2. Office 2. 00. 7. As a quick reminder, Office 2. October as Microsoft ended support for this tool. These updates improve system resource usage in Word, Excel, and Power. Point, improve translations, fixes Power. Point freezes and crashes and add many security improvements for the many Microsoft Office vulnerabilities. The most severe of these issues could even allow remote code execution when users open a specially created Office file. Without further ado, here is the complete list of the latest Microsoft Office updates. Microsoft Office Patch Tuesday updates Microsoft Office 2. Microsoft Access KB4. This update improves the translation of Allow Full Menus option for the Danish version of Access 2. Microsoft Excel KB4. This update brings a long list of fixes and improvements. For more information, check out Microsofts Support page. Microsoft Office security update KB4. This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution. Microsoft Office security update KB2. This update also patches remote code execution vulnerabilities. Microsoft Office KB4. This update fixes an issue in which the decimal tabs in Word 2. Windows regional settings. Microsoft Office KB4. This update fixes Power. Pivot crashes. Microsoft Office KB4. For more information, go to Microsofts Support page. Microsoft Office KB4. This update fixes the issues broken HTML links when you copy and paste a HTML URL that contains a number sign to Skype for Business 2. Microsoft Office KB4. For more information, go to Microsofts Support page. Microsoft Office KB4. This update fixes the issue where a Visio drawing that has patterned fills is printed incorrectly in the 3. Visio 2. 01. 6. Microsoft Outlook KB4. For more information, go to Microsofts Support page. Power. Point KB4. This update adds support for multiple items selection in the dialog box when you open links by selecting Edit Links to Files in a presentation in Power. Point 2. 01. 6. Skype for Business KB4. For more information, go to Microsofts Support page. Microsoft Word KB4. This security update resolves a vulnerability in Microsoft Office that could allow remote code execution through a specially crafted Office file. Microsoft Office 2. Microsoft Access KB3. This update improves the translation of the Allow Full Menus option for the Danish version of Access 2. Microsoft KB4. 01. This update improves several translations for the Danish and German versions of Excel 2. Microsoft Office KB3. This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution. Microsoft Office KB3. This security update fixes remote code execution vulnerabilities. Microsoft Office KB4. This update fixes PDF pixelation issues. Microsoft Office KB4. This update fixes graphics rendering issues and memory allocation bugs. Outlook KB4. 01. 11. This update fixes remote code execution vulnerabilities. Skype for Business KB4. This update brings remote code execution bug fixes. Microsoft Word KB4. Just like the update listed above, this patch also fixes remove code execution issues. Microsoft Word KB4. This update fixes Outlook 2. PDF viewing issues where images appear black. For more information on how to repair Outlook 2. Windows 1. 0, check out this guide. Office 2. 01. 0All the updates listed below fix vulnerabilities that could result in remote execution of code. Microsoft Office KB2. Microsoft Office KB2. Microsoft Office KB3. Outlook KB4. 01. 11. Microsoft Word KB3. Office 2. 00. 7The following updates patch a series of vulnerabilities that could result in remote execution of code. Office Compatibility Pack KB3. Microsoft Word KB3. Security update Word Viewer KB4. If you encountered any issues after installing the updates listed in this article, do tell us more about your experience in the comment section below.