PDF(74.1 KB) View with Adobe Reader on a variety of devices
ePub(72.5 KB) View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle)(74.1 KB) View on Kindle device or Kindle app on multiple devices
Updated:May 15, 2017
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes a mitigation plan for ransomware called Wanna Cry (also known as WannaCry, WanaCrypt0r and WCry) affecting Windows Server based Cisco Unified Contact Center Enterprise (UCCE) applications.
The vulnerability affects Microsoft products therefore it is strongly recommended to use official documents provided by the vendor or contact Microsoft support. This document is intended to address some of the questions from Cisco UCCE environment perpective and simplify the patch installation for Cisco Contact Center environment.
Cisco recommends that you have knowledge of these topics:
Windows Operating System
Cisco Unified Contact Center Enterprise (UCCE)
Windows Servers running Cisco UCCE software may be affected by Ransomware Malware "Wanna Cry" (WannaCry, also known as WanaCrypt0r and WCry).
Note: The vulnerability is present only on Microsoft Windows based systems Server Message Block (SMB) version 1 protocol.
Note: The vulnerability does not affect Cisco UCCE applications.
To ensure that Windows Server is not affected by the vulnerability run this command in Windows CMD tool.
wmic qfe list | findstr "4012212 4012215 4012213 4012216 4015549 4013389" http://support.microsoft.com/?kbid=4012215 ALLEVICH-F9L4V Security Update KB4012215 NT AUTHORITY\SYSTEM 4/30/2017
If the output contains one of these KBs the system is not vulnerable. If the output is empty you need to install correct security patch.
Warning: Hotfix number may be different for your system, so it is mandatory to the official article provided by Microsoft to determine the correct patch.
The patch installation requires Windows Server reboot.
Customers are responsible for reviewing any security update released by Microsoft for Windows, IIS, and SQL Server, and assessing their security exposure to the vulnerability. Read this bulletin for more details.