Would like Share email received from Microsoft today. Hope it will help.

What is the purpose of this alert?

This alert is to provide you with guidance concerning the ransomware issue being discussed broadly in the press starting on Tuesday, June 27, 2017, and causing a large volume of customer inquiries. This ransomware is being described by the press and security researchers as “Petya Ransomware.”

Overview Microsoft’s antivirus software detects and protects against this ransomware. Our initial analysis found that the ransomware uses multiple techniques to spread, including two which were addressed by a security update (MS17-010) previously provided for all platforms from Windows XP to Windows 10.

As a general precaution, customers should exercise caution when opening unknown files. We are continuing to investigate and will take appropriate action to protect customers..

Malware Detection Windows Defender, System Center Endpoint Protection, and Forefront Endpoint Protection detect this threat family as Ransom:Win32/Petya. Ensure you have a definition version equal to or later than: • Threat definition version: 1.247.197.0 • Version created on: 12:04:25 PM : Tuesday, June 27 2017 • Last Update: 12:04:25 PM : Tuesday, June 27 2017 In addition, the free Microsoft Safety Scanner is designed to detect this threat as well as many others. Those with a solution from an antivirus provider other than Microsoft should check with that company. Recommendations

Three specific steps customers can take to mitigate against new ransomware:

  1. Ensure you have the latest security updates installed
  2. Ensure you have the latest AV Signatures from your preferred AV vendor
  3. Do not open email/attachments from unknown/untrusted sources Note: these are good security defense-in-depth recommendations that may prevent being infected by this ransomware, but these steps alone do not ensure against infection.

Additional Resources

The Microsoft Security Tech Center

The Microsoft Security Update Guide

More Information

When new information is available that we can share, we will send a new security alert.

Regarding Information Consistency

We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative.

new-ransomware-old-techniques-petya-adds-worm-capabilities

If you have any questions regarding this alert, please contact your Technical Account Manager (TAM)/Service Delivery Manager (SDM).

Thank you, Team Microsoft


Please do let me know your thoughts/ suggestions/ question in disqus section.


Related Posts

About Ajeet Chouksey

As Technology Architect, Ajeet has over 12+ years of industry experience delivering enterprise solutions on the Microsoft Platform. Ajeet is passionate, certified technologist, blogger and community contributor. His specialisms are Azure IaaS/PaaS, Automation, DevOps, Agile based development processes supporting distributed teams (on shore & off shore), designing and implementing the appropriate infrastructure and platform solutions to meet the functional, operational, and deployment requirements throughout the solution life-cycle. Ajeet is member of various technical communities and discussion groups. He also conducted many boot camps on Azure and DevOps.