This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Security Notice - Statement on "WannaCry ransomware" attacks

  • Initial Release Date: 2017-05-13
  • Last Release Date: 2017-05-13

On May 12, 2017, a ransomware named "WannaCry ransomware" appears on the Internet, which targets at Windows by exploiting multiple Windows SMB vulnerabilities (CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148) disclosed by Microsoft on March 14. The corresponding Microsoft security notice is MS17-010.
Huawei immediately launched investigation (including the remote code execution vulnerability in the malware defense engine disclosed by Microsoft, i.e., CVE-2017-0290 ). 

Huawei has delivered Security Advisory for "MS17-010" vulnerabilities. Customers can get necessary support for product security vulnerabilities through Huawei local technical service. The link of the security advisory is: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170513-01-windows-en

2017-05-13 V1.0 UPDATED Add SA link
2017-05-13 V1.0 INITIAL

Huawei adheres to protecting the ultimate interests of users with best efforts and the principle of responsible disclosure and deal with product security issues through our response mechanism.

To enjoy Huawei PSIRT services and obtain Huawei product vulnerability information, please visit http://www.huawei.com/en/psirt.
To report a security vulnerability in Huawei products and solutions, please send it to PSIRT@huawei.com. For details, please visit http://www.huawei.com/en/psirt/report-vulnerabilities.