A new strain of the Petya ransomware has been discovered which utilizes a similar spread pattern of the WannaCry worm (the EternalBlue exploit). This new form of Petya spreads by using infected Microsoft Office documents taking advantage of CVE-2017-1099.
More information about the outbreak is available at:
Microsoft's information concerning CVE-2017-1099 can be found at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
It appears that systems patched with the April 11, 2017 Office security patch are immune to this attack. For a detailed walkthrough of patching this vulnerability with the KACE Systems Management appliance, please see Information regarding WannaCry virus and patch MS17-010 (229420).
For more information, please contact Microsoft support.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center