A massive attack is spreading globally by way of a vulnerability in Microsoft 's Server Message Block that was patched Vulnerability-related.PatchVulnerability in March . Ransomware is no longer just a nuisance . Now it 's quite literally a matter of life and death . A massive ransomware attack Attack.Ransom being labeled as `` WannaCry Attack.Ransom `` has been reported around the world and is responsible for shutting down hospitals in the United Kingdom and encrypting files at Spanish telecom firm Telefonica . The WannaCry attack Attack.Ransom is not a zero-day flaw , but rather is based on an exploit that Microsoft patched Vulnerability-related.PatchVulnerability with its MS17-010 advisory on March 14 in the SMB Server . However , Microsoft did not highlight Vulnerability-related.DiscoverVulnerability the SMB flaw until April 14 , when a hacker group known as the Shadow Brokers released Vulnerability-related.DiscoverVulnerability a set of exploits , allegedly stolen Attack.Databreach from the U.S.National Security Agency . SMB , or Server Message Block , is a critical protocol used by Windows to enable file and folder sharing . It 's also the protocol that today 's WannaCry attack Attack.Ransom is exploiting to rapidly spread from one host to the next around the world , literally at the speed of light . The attack is what is known as a worm , `` slithering '' from one host to the next on connected networks . Among the first large organizations to be impacted by WannaCry is The National Health Service in the UK , which has publicly confirmed that it was attacked Attack.Ransom by the Wan na Decryptor. `` This attack Attack.Ransom was not specifically targeted at the NHS and is affecting organisations from across a range of sectors , '' the NHS stated . `` At this stage we do not have any evidence that patient data has been accessed Attack.Databreach . '' Security firm Kaspersky Lab reported that by 2:30 p.m . ET May 12 it had already seen more than 45,000 WannaCry attacks Attack.Ransom in 74 countries . While the ransomware attack Attack.Ransom is making use of the SMB vulnerability to spread , the encryption of files is done by the Wanna Decryptor attack Attack.Ransom that seeks out all files on a victim 's network . Once the ransomware has completed encrypting files , victims are presented with a screen demanding a ransom Attack.Ransom . Initially , the ransom requested Attack.Ransom was reported to be $ 300 worth of Bitcoin , according to Kaspersky Lab . `` Many of your documents , photos , videos , databases and other files are no longer accessible because they have been encrypted , '' the ransom note states . `` Maybe you are busy looking for a way to recover your files , but do not waste your time . Nobody can recover your files without our decryption service . '' It 's not clear who the original source of the global WannaCry attacks Attack.Ransom is at this point , or even if it 's a single threat actor or multiple actors . What is clear is that despite the fact that a software patch has been available Vulnerability-related.PatchVulnerability since March for the SMB flaws , WannaCry is using tens of thousands of organizations that did n't patch Vulnerability-related.PatchVulnerability .

Cisco has released Vulnerability-related.PatchVulnerability fixes for 34 flaws in its software , including 24 that affect Vulnerability-related.DiscoverVulnerability its FXOS software for Firepower firewalls and NX-OS software for Nexus switches . Cisco 's June updates include fixes for five critical arbitrary code execution vulnerabilities affecting Vulnerability-related.DiscoverVulnerability FXOS and NX-OS and 19 high-rated flaws affecting Vulnerability-related.DiscoverVulnerability the software . Four of the critical flaws affect Vulnerability-related.DiscoverVulnerability FXOS and NX-OS Cisco Fabric Services , while the fifth one affects Vulnerability-related.DiscoverVulnerability the NX-API feature of NX-OS . All have a CVSS v3 score of 9.8 out of a maximum of 10 . Cisco Fabric Services facilitate distribution and synchronization of configuration data between Cisco devices on the same network . Some of the flaws allow an unauthenticated , remote attack to execute arbitrary code and one allows an attacker to do so as root . Multiple switches are vulnerable Vulnerability-related.DiscoverVulnerability if they 've been configured to use Cisco Fabric Services , including its Nexus 2000 series through to Nexus 9000 series switches , as well as Cisco 's Firepower 4100 Series Next-Gen Firewalls and other hardware . The insufficient input validation may occur when FXOS and NX-OS process Cisco Fabric Services packets received during distribution and synchronization . There are various ways to exploit each of the flaws , depending on what Cisco Fabric Services distribution types have been configured . For example , if Fibre Channel ports are configured as a distribution type for a device , the attack could occur via Fibre Channel over Ethernet ( FCoE ) or Fibre Channel over IP ( FCIP ) . Cisco has already rolled out Vulnerability-related.PatchVulnerability fixes in some releases of FXOS and NX-OS . Cisco posted a blog this week explaining why it often fixes Vulnerability-related.PatchVulnerability bugs in IOS and NX-OS releases before disclosing Vulnerability-related.DiscoverVulnerability them in an advisory . It 's a practice that appears to cause confusion for customers wondering why it has n't told them fixed code has been available Vulnerability-related.PatchVulnerability for several months before it discloses Vulnerability-related.DiscoverVulnerability them . Cisco 's answer is that some flaws affect Vulnerability-related.DiscoverVulnerability more than 50 versions of its software . `` There have been some questions as to why creating Vulnerability-related.PatchVulnerability fixes and releasing Vulnerability-related.PatchVulnerability updates can take several weeks , or sometimes even months , before an advisory is published , '' Cisco 's Customer Assurance Security Programs team wrote . `` In some cases , there is a large number of supported software versions to be updated . The number of affected versions that will be updated Vulnerability-related.PatchVulnerability can range from single digits to nearly 50 or more . We are committed to issuing Vulnerability-related.PatchVulnerability fixes for every one of those supported versions . '' `` If we disclosed Vulnerability-related.DiscoverVulnerability the vulnerability after only fixing Vulnerability-related.PatchVulnerability one release , we would unnecessarily expose all customers running Vulnerability-related.PatchVulnerability other releases to potential exploitation once details about the attack itself became public . '' There are also 10 medium-severity flaws , including one that affects Vulnerability-related.DiscoverVulnerability some WebEx endpoints due to an already disclosed flaw in Nvidia 's Tegra TX1 chips .