What We Know
A new ransomware variant is spreading quickly across the globe at the time of this writing. There is no consensus yet in the security research community, so the following information is provisional in nature:
The ransomware has been dubbed “Petya.” It likely spreads by using two separate exploits. You don’t need to click on anything or take any action. This can spread into your system through the network. That is why it is having such a wide impact and why it is important that you update your system to protect yourself.
For the technically minded: This ransomware is exploiting a vulnerability in Microsoft Office when handling RTF documents (CVE-2017-0199). It also exploits a vulnerability in SMBv1 which is the Microsoft file-sharing protocol. This second vulnerability is described in Microsoft security bulletin MS17-010.
For the rest of this blog go to: www.goo.gl/6hqLgo