On June 13, 2017 Microsoft released a group of critical security patches in its normal patch schedule. Accompanied with this release was a security advisory that warns these "vulnerabilities are at heightened risk of exploitation due to past and threatened nation-state attacks and disclosures."
While no current exploit is known, the University Information Security Office (UISO) believes there is a greater chance of one being developed rapidly and released into the wild. To prevent the spread of such an exploit, patching outside of normal patch schedules is required. In addition, UISO stands ready to take necessary actions to mitigate significant institutional risk that such an exploit might create. Necessary actions may include blocking vulnerable, but not yet compromised, devices from Indiana University's networks.
UISO has seen worm activity from similar vulnerabilities like MS17-010.
UISO urges that these security patches be applied as soon as possible. Additionally, systems should be configured for automatic management of security updates.
No workarounds are recommended. Please patch immediately.