And again…another large scale ransomware comes to the web…
This time, it’s called Pety and much like last month Wannacry, it overwrites the Master Boot Record (MBR) with Ramson:DOS/Petya.A and encrypts system drive sectors.
After a forced reboot, the user is locked out of the the system and coerced into purchasing a key to free up the system.
A recovery information similar to the screenshot above is displayed.
What should you do?
1 – If you haven’t done this before, during Wannacry threat, and you’re lucky enough not to get infected, than you should install Microsoft MS17-010 Update Rollout
Here’s the direct links:
Product
|
Security Update Rollup
|
Standalone Update
|
| Windows 10 / Server 2016 v1703 | Already patched | N/A |
| Windows 10 / Server 2016 v1607 | KB4022715 | N/A |
| Windows 10 / Server 2016 v1511 | KB4022714 | N/A |
| Windows 10 / Server 2016 “v1” | KB4022727 | N/A |
| Windows 8.1 / Server 2012 R2 | KB4022717 | KB4012213 |
| Windows 8 / Server 2012 | N/A | KB4012598 |
| Windows 7 / Server 2008 R2 | KB4022722 | KB4012212 |
| Windows Vista / Server 2008 | N/A | KB4012598 |
| Windows XP / Server 2003 | N/A | KB4012598 |
2 – Now for Petya, you should patch your Microsoft Office with one of the following hotfixes from CVE-2017-0199:
Product
|
Update
|
| Office 2007 | KB3141529 |
| Office 2010 | KB3141538 |
| Office 2013 | KB3178710 |
| Office 2016 | KB3178703 |
No comments:
Post a Comment