On March 14th, 2017, Microsoft released a security bulletin titled Microsoft Security Bulletin MS17-010 - Critical,
also known as MS17-010
. The advisory details vulnerabilities in the Microsoft Server Message Block 1.0 (SMBv1) server, which has been the vector for exploiting the ransomware cyber attack named WannaCry
or Wanna Decryptor
The Cisco PSIRT Team has completed the investigation on Cisco products that have not reached end of software maintenance support and that do not
support automated or manual updates of the Microsoft patch for these vulnerabilities. No products have been found to prevent the automatic or manual installation of the MS17-010 patches or not function properly with the MS17-010 patches applied.
The Cisco Web Security Appliance, while not exploitable by the WannaCry suite of malware, requires the SMBv1 protocol for communication with Microsoft Active Directory. For full details on this dependency, please consult Cisco bug ID CSCuo70696