Alert – Guidance Concerning “Petya Ransomware”

What is the purpose of this alert?

This alert is to provide you with guidance concerning the ransomware issue being discussed broadly in the press starting on Tuesday, June 27, 2017, and causing a large volume of customer inquiries.  This ransomware is being described by the press and security researchers as “Petya Ransomware.”

Overview

Microsoft’s antivirus software detects and protects against this ransomware. Our initial analysis found that the ransomware uses multiple techniques to spread, including two which were addressed by a security update (MS17-010) previously provided for all platforms from Windows XP to Windows 10.

As a general precaution, customers should exercise caution when opening unknown files. We are continuing to investigate and will take appropriate action to protect customers..

Malware Detection

Windows Defender, System Center Endpoint Protection, and Forefront Endpoint Protection detect this threat family as Ransom:Win32/Petya.Ensure you have a definition version equal to or later than:

  • Threat definition version: 1.247.197.0
  • Version created on: 12:04:25 PM : Tuesday, June 27 2017
  • Last Update: 12:04:25 PM : Tuesday, June 27 2017

In addition, the free Microsoft Safety Scanner http://www.microsoft.com/security/scanner/ is designed to detect this threat as well as many others.

Those with a solution from an antivirus provider other than Microsoft should check with that company.

Recommendations

Three specific steps customers can take to mitigate against new ransomware: 

  1. Ensure you have the latest security updates installed
  2. Ensure you have the latest AV Signatures from your preferred AV vendor
  3. Do not open email/attachments from unknown/untrusted sources

Note:  these are good security defense-in-depth recommendations that may prevent being infected by this ransomware, but these steps alone do not ensure against infection.

Additional Resources

More Information

When new information is available that we can share, we will send a new security alert.

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative.

https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/

68 comments

  1. I simply had to appreciate you once again. I am not sure the things I would’ve implemented without the type of creative ideas documented by you directly on that area. Entirely was a real frightful problem in my opinion, however , finding out a expert form you managed it took me to jump for gladness. Extremely happy for this advice and thus pray you find out what a great job you are always carrying out educating people today all through a site. I know that you haven’t met all of us.

  2. I wish to show my appreciation to the writer just for bailing me out of this particular predicament. Right after looking throughout the world wide web and seeing solutions that were not helpful, I thought my entire life was done. Being alive without the presence of strategies to the issues you’ve fixed all through your review is a serious case, and ones that might have negatively affected my career if I hadn’t encountered your website. Your own knowledge and kindness in dealing with every aspect was important. I’m not sure what I would’ve done if I had not encountered such a point like this. I can also at this moment look forward to my future. Thanks a lot very much for your professional and amazing help. I will not think twice to propose your blog to anyone who desires direction on this issue.

  3. Hi there! I know this is sort of off-topic however I needed to ask.
    Does building a well-established website such as yours require a lot of work?

    I’m completely new to writing a blog but I do write in my diary
    daily. I’d like to start a blog so I can easily share my experience
    and views online. Please let me know if you have any ideas or tips for brand new aspiring blog owners.
    Appreciate it!

  4. I really like your blog.. very nice colors & theme. Did you design this
    website yourself or did you hire someone to do it for you?
    Plz respond as I’m looking to create my own blog and would like to know
    where u got this from. thanks

  5. Most certainly, i have to point out that a crafting skills not necessarily which will undesirable, then again i am able to you may enhance any publishing ability. Working with reduced written text to imply the actual. You could attempt yahoo for creating knowledge guidance website or services.

  6. I would like to show some appreciation to you just for rescuing me from this crisis. Right after exploring throughout the world wide web and meeting opinions that were not productive, I assumed my entire life was over. Existing minus the answers to the problems you have resolved by means of the short article is a critical case, as well as those which could have adversely damaged my career if I hadn’t encountered your blog. Your good training and kindness in touching a lot of stuff was invaluable. I’m not sure what I would’ve done if I had not encountered such a step like this. I am able to at this point look ahead to my future. Thanks so much for this high quality and sensible help. I won’t be reluctant to propose your web page to any person who should have recommendations about this topic.

  7. My wife and i have been so cheerful that John could finish up his preliminary research through the precious recommendations he obtained through your web page. It’s not at all simplistic to simply possibly be giving for free procedures that many the others might have been selling. And we discover we need the writer to thank for that. The entire illustrations you made, the simple blog menu, the relationships you make it possible to instill – it is most fantastic, and it is making our son in addition to the family feel that that topic is satisfying, and that’s extraordinarily indispensable. Many thanks for all!

  8. I really wanted to type a simple comment so as to say thanks to you for those nice points you are showing at this site. My long internet lookup has now been paid with really good ideas to talk about with my relatives. I ‘d declare that many of us visitors actually are undoubtedly blessed to live in a fine site with so many awesome people with very beneficial guidelines. I feel rather privileged to have come across your entire web pages and look forward to some more pleasurable minutes reading here. Thank you once more for all the details.

  9. I must show my respect for your generosity in support of folks who must have assistance with that subject. Your very own commitment to getting the message around has been definitely advantageous and has frequently encouraged professionals much like me to reach their endeavors. Your own useful facts can mean a great deal a person like me and far more to my peers. Thanks a lot; from each one of us.

  10. Thanks so much for providing individuals with such a brilliant possiblity to read in detail from this website. It really is very good and as well , stuffed with amusement for me and my office peers to search the blog the equivalent of 3 times in one week to read the latest guides you will have. And indeed, I’m also actually satisfied for the very good tips you serve. Some 2 ideas in this article are clearly the most effective I’ve had.

  11. I precisely wanted to say thanks again. I am not sure the things that I might have taken care of without the type of strategies discussed by you about that situation. It was before the fearsome problem in my circumstances, nevertheless taking note of a specialized approach you processed the issue took me to cry for joy. Now i’m thankful for your work and even trust you recognize what a powerful job your are undertaking teaching the others using a blog. Most likely you haven’t encountered all of us.

Comments are closed.