This article explains how to resolve the issue if Network Inspector in AVG AntiVirus shows the following alert:
- Vulnerable to "WannaCry / DoublePulsar" attack
Description
If you see the alert above after running a Network Inspector scan:
Your PC is at risk because it contains a well-known flaw called "EternalBlue", which potentially allows attackers to remotely connect to your PC and run malicious code.
The EternalBlue flaw makes you highly vulnerable to remote hijacking via a "DoublePulsar" attack. A DoublePulsar attack works by silently installing a dangerous backdoor implant on your PC, which attackers can use to bypass your PC's security and access your system without detection. After gaining access to your system, the attacker can plant malware, or steal your personal data. This means you are vulnerable to further malware attacks, including "WannaCry" ransomware.
For more information about this issue, refer to the Details section.
Solution
To remove the DoublePulsar backdoor from your PC and prevent further malware attacks, install the Microsoft Windows MS17-010 security update by following the exact instructions in the relevant section below.
Follow the steps below on the vulnerable PC that is running Windows 10:
- Restart your PC.
- Click the Windows
Start button, then select Settings (the gear icon).
- Go to Update & Security ▸ Windows Update ▸ Check for updates.
- Install any available updates.
Start button, then select 
Settings (the gear icon).
After installing the available updates, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
If the troubleshooting steps above do not work, try the other solutions below.
Other solutions
- Refer to the following article from Microsoft Support for more information about updating Windows 10:
- Use the Windows 10 Update Assistant.
- If you are unable to install the update, the only other way to fix this vulnerability is to disable the Windows file-sharing service, specifically version 1 of the SMB protocol. Refer to the following Microsoft guide to learn how to disable SMBv1:
Follow the steps below on the vulnerable PC that is running Windows 8:
- Go to the relevant link below to open the Microsoft Download Center and download the security update, then save it to your desktop:
- After your PC restarts, run the installer that you saved to your desktop in step 1.
- Restart your PC again to complete the installation process.
- Reconnect to the network.
After installing the update, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
If the troubleshooting steps above do not work, try the other solutions below.
Other solutions
- Update Windows manually via Windows Update:
- Restart your PC.
- Press the
-minus sign in the bottom-right corner of the screen to open the Windows menu options. - Go to Settings ▸ Change PC settings ▸ Windows Update ▸ Check for updates now.
- After installing any available updates, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
- If you are unable to install the update, the only other way to fix this vulnerability is to disable the Windows file-sharing service, specifically version 1 of the SMB protocol. Refer to the following Microsoft guide to learn how to disable SMBv1:
WinFollow the steps below on the vulnerable PC that is running Windows 7:
- Go to the link below to open the Microsoft Update Catalog and download the security update, then save it to your desktop:
- After your PC restarts, run the installer you saved to your desktop in step 1.
- Restart your PC again to complete the installation process.
- Reconnect to the network.
After installing the update, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
If the troubleshooting steps above do not work, try the other solutions below.
Other solutions
- Update Windows manually via Windows Update:
- Restart your PC.
- Click the Windows Start button and select Control Panel.
- Go to System & Security ▸ Windows Update ▸ Check for updates.
- After installing any available updates, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
- If you are unable to install the update, the only other way to fix this vulnerability is to disable the Windows file-sharing service, specifically version 1 of the SMB protocol. Refer to the following Microsoft guide to learn how to disable SMBv1:
Start button and select Control Panel.
Follow the steps below on the vulnerable PC that is running Windows Vista:
- Go to the link below to open the Microsoft Update Catalog and download the security update, then save it to your desktop:
- After your PC restarts, run the installer you saved to your desktop in step 1.
- Restart your PC again to complete the installation process.
- Reconnect to the network.
After installing the update, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
If the troubleshooting steps above do not work, try the other solutions below.
Other solutions
- Update Windows manually via Windows Update:
- Restart your PC.
- Click the Windows Start button and select Control Panel.
- Go to Security ▸ System & Security ▸ Windows Update ▸ Check for updates.
- After installing any available updates, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
- If you are unable to install the update, the only other way to fix this vulnerability is to disable the Windows file-sharing service, specifically version 1 of the SMB protocol. Refer to the following Microsoft guide to learn how to disable SMBv1:
Start button and select Control Panel.
Follow the steps below on the vulnerable PC that is running Windows XP:
- Go to the link below to open the Microsoft Download Center and download the security update, then save it to your desktop:
- After your PC restarts, run the installer you saved to your desktop in step 1.
- Restart your PC again to complete the installation process.
- Reconnect to the network.
After installing the update, run a Network Inspector scan in AVG AntiVirus to confirm that your PC is no longer vulnerable.
If you are unable to install the update, the only other way to fix this vulnerability is to disable the Windows file-sharing service, specifically version 1 of the SMB protocol. Refer to the following Microsoft guide to learn how to disable SMBv1:
Details
Your PC is vulnerable because it is running an outdated version of the Windows file-sharing service (SMB), which contains a serious flaw called "EternalBlue". On the affected PC, an attacker could run the specific code that installs the dangerous DoublePulsar backdoor implant.
Because the EternalBlue flaw is present on your system, you are vulnerable to further malware attacks. On May 12th 2017, the DoublePulsar backdoor in conjunction with EternalBlue was used by the "WannaCry" ransomware worm to infect thousands of PCs worldwide.
Follow the instructions in the Solution section to remove the EternalBlue flaw.
Further recommendations
All versions of AVG AntiVirus protect your PC against attacks that exploit the EternalBlue flaw, as long as the Enhanced Firewall feature is enabled. If AVG AntiVirus is not already installed on the affected PC, you can install AVG AntiVirus Free to ensure your continued protection.
For information about using Enhanced Firewall, refer to the following article:
- AVG Internet Security 22.x for Windows
- AVG AntiVirus Free 22.x for Windows
- Microsoft Windows 11 Home / Pro / Enterprise / Education
- Microsoft Windows 10 Home / Pro / Enterprise / Education - 32 / 64-bit
- Microsoft Windows 8.x / Pro / Enterprise - 32 / 64-bit
- Microsoft Windows 8 / Pro / Enterprise - 32 / 64-bit
- Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate - Service Pack 1 with Convenient Rollup Update, 32 / 64-bit