Skip to main content


Wanna[Cry|Scream|Belch] Ransomware

I breathed a sigh of relief last Friday when I learned that Microsoft had patched a vulnerability in March that was recently exploited by the WannaCrypt0r ransomware.  I opt to have Windows OS updates installed automatically on my workstation so I was protected before the ransomware poked through the crust from the bowels of its maker.

So what is the best practice for managing Windows patches on Oracle EPM (Hyperion) servers?

“Manage patches, don’t inflict them.”

This is the same philosophy I have with change control. Manage in lieu of inflicting. Be proactive. So here are a couple pointers to help you manage Windows patches on your EPM servers:

  1. Get informed by subscribing to the Microsoft Technical Security Notification Services. Create a Microsoft Live account if don’t already have one then update your subscription preferences:
  2. Stay up to date on Oracle security updates by subscribing to Oracle Security Alerts. Log in to Oracle Technical Network then select the Account link at the top of the page.  Select the Subscriptions page of your Profile then subscribe to Security Alerts in the “Oracle privacy policy and security notifications” section.

According to GI Joe, “Knowing is only half the battle.” Getting the security alerts is step one. The next step is to take action. I won’t insult your intelligence by describing how you should read the security notices and patch release notes, but, you must read them. Only then can you make an informed decision as to whether you need to apply patches or other updates based on your organization’s tolerance for risk.

I also recommend you take action for your home computers. The Guardian published a nice article1 last week about how to defend against the ransomware here: I couldn’t write it better.

  1. Hern, Alex. “How to protect your computer against the ransomware attack”, theguardian, 15 May 2017, Accessed 16 May 2017.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Cris Dunn

Cris Dunn is the manager of Perficient's EPM SupportNet practice which provides direct support for applications and infrastructure surrounding many organizations' EPM software implementations. He is also an Oracle University certified instructor and teaches everything around Essbase as well as the EPM installation and configuration classes. When he is not working, you will find Cris engaged in His church serving as the treasurer, musician, nursery worker, and, when necessary, toilet scrubber.

More from this Author

Follow Us