Urgent Announcement

McAfee is receiving multiple reports of modified Petya ransomware variants. McAfee Labs is receiving various samples, which are under analysis, and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.

  • Extensions currently known as being affected are: .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip
  • We have confirmed with the samples that SMB is being used as a propagation method, and are aware of reports that RDP may also be used but have yet to confirm this.
  • After encryption, impacted systems may show a ransom screen and suggest a system reboot, after which the system will not be accessible.

McAfee has released an Extra.DAT to include coverage for this threat — it is attached to KB89540.

 

Continuing Information

McAfee will continue to post more information in Knowledge Base article KB89540 (https://kc.mcafee.com/corporate/index?page=content&id=KB89540) as available.

To receive information about McAfee product updates, sign up for the Support Notification Service (SNS) at https://sns.secure.mcafee.com/signup_login

Knowledge Center

Security Bulletin
McAfee credits James Nichols from 80/20 Labs for reporting this flaw. This update resolves CVE-2016-0728, CVE-2015-3165, and CVE-2015-3166. CVE-2016-0728 The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before
Last Modified Date: 4/6/2017

Security Bulletin
None. This vulnerability allows remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) using a long and duplicative list in the -oKbInteractiveDevices command option. 'OpenSSH has a default value of six
Last Modified Date: 4/7/2017

Security Bulletin
McAfee credits Matthias Deeg from SySS GmbH for reporting this weakness. CVE-2014-8518 The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and
Last Modified Date: 5/11/2017

Security Bulletin
None. The following issues have been resolved: CVE-2017-3960 Exploitation of Authorization vulnerability in the web interface in Network Security Manager (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted
Last Modified Date: 4/6/2017

Security Bulletin
This update resolves the following issue: CVE-2016-5195 A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use
Last Modified Date: 4/6/2017

Security Bulletin
This vulnerability was first disclosed by The MITRE Corporation (http://cve.mitre.org/) as a CVE. libxml2 contains several vulnerabilities. MWG consumes libxml2 for parsing XML documents that are part of the web traffic and thereby it inherits the
Last Modified Date: 4/7/2017

Security Bulletin
None. CVE-2015-5600 Information disclosure. The OpenSSH sshd daemon does not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to
Last Modified Date: 4/7/2017

Security Bulletin
McAfee credits Tavis Ormandy from Google for reporting this flaw. CVE-2016-8030 A memory corruption vulnerability in the Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of
Last Modified Date: 5/19/2017

Security Bulletin
McAfee credits the following companies for reporting these flaws. CVE Acknowledgements CVE-2017-4011 David Valles from Deloitte Touche Tohmatsu Services, India LLP CVE-2017-4013 David Valles from Deloitte Touche Tohm
Last Modified Date: 5/18/2017

Security Bulletin
An unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22 allows remote authenticated users to cause a denial of service via unknown vectors. Please refer to HP for more information and software updates
Last Modified Date: 4/6/2017