Tuesday, June 27, 2017

Petya Ransomware – Protect Yourself!

And again…another large scale ransomware comes to the web…
This time, it’s called Pety and much like last month Wannacry, it overwrites the Master Boot Record (MBR) with Ramson:DOS/Petya.A and encrypts system drive sectors.
After a forced reboot, the user is locked out of the the system and coerced into purchasing a key to free up the system.
A recovery information similar to the screenshot above is displayed.
What should you do?

1 – If you haven’t done this before, during Wannacry threat, and  you’re lucky enough not to get infected, than you should install Microsoft MS17-010 Update Rollout

Here’s the direct links:
Security Update Rollup
Standalone Update
Windows 10 / Server 2016 v1703 Already patched N/A
Windows 10 / Server 2016 v1607 KB4022715 N/A
Windows 10 / Server 2016 v1511 KB4022714 N/A
Windows 10 / Server 2016 “v1” KB4022727 N/A
Windows 8.1 / Server 2012 R2 KB4022717 KB4012213
Windows 8 / Server 2012 N/A KB4012598
Windows 7 / Server 2008 R2 KB4022722 KB4012212
Windows Vista / Server 2008 N/A KB4012598
Windows XP / Server 2003 N/A KB4012598

2 – Now for Petya, you should patch your Microsoft Office with one of the following hotfixes from CVE-2017-0199:

Office 2007 KB3141529
Office 2010 KB3141538
Office 2013 KB3178710
Office 2016 KB3178703

No comments:

Post a Comment