A month ago, it was the "WannaCry" ransomware wreaking havoc over the internet, and now this month another ransomware exploit is rapidly expanding all over Europe which started with companies in Ukraine. The new ransomware is known as "Petya", which uses the same SMBv1 exploit that WannaCry uses to rapidly replicate throughout network systems, but holds infected computers hostage in a significantly different way.
Petya does not encrypt files one by one in its attempt to elicit those Bitcoin payments, like WannaCry does, but uses an even more egregious method:
Microsoft issued a series of patches for this type of exploit back in April, including taking the unusual step of patching the unsupported Windows XP operating system. So if you're always up-to-date, you should be okay and not have to worry about a thing. However, the company also recommends removing the unused but vulnerable SMBv1 file sharing protocol from your systems.
What is the SMB File Sharing?
Other than that, it is rather pointless and not needed for the average users. Want to disable it? Here's how you do it.
For Windows 10 and Windows 8.1
Open the Control Panel (search for it with Cortana)
Click Programs and Features, and then on the left-hand column
Click Turn Windows Features on or off
Scroll down to SMB 1.0/CIFS File Sharing support,
Uncheck it, and reboot
Running an older version of Windows? Please check this Microsoft page for more details on disabling on Windows 7.
Stay safe out there!
Bought to you by Atlas Security