Loading...
Skip to content
 
Urgent Announcement

McAfee is receiving multiple reports of modified Petya ransomware variants. McAfee Labs is receiving various samples which are in analysis, and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.

  • Extensions currently known as being affected are:  .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip
  • We have confirmed with the samples that SMB is being used as a propogation method, and are aware of reports that RDP may also be used but have yet to confirm this.
  • After encryption, impacted systems may show a ransom screen and suggest a system reboot after which the system will not be accessible.

McAfee has released an Extra.DAT to include coverage for this threat — it is attached to KB89540.

 

Continuing Information

McAfee will continue to post more information in Knowledge Base article KB89540 (https://kc.mcafee.com/corporate/index?page=content&id=KB89540) as available.

To receive information about McAfee product updates, sign up for the Support Notification Service (SNS) at https://sns.secure.mcafee.com/signup_login

Knowledge Center

Begin your search by entering a search term or a product. Entering both may provide more relevant search results. Search Tips
Reset|Share This Search
Search Results Feedback »

All Results (63040)
 

Knowledge Base (11564)
 

Content Source
Technical Articles
Content Type
Troubleshooting (409)
Plugins And Components
Products
Sort By:
A to Z
Tools And Utilities
Last Modified Date

Communities (51342)
 

Patches
 

Videos & Podcasts (134)
 

Favorites
 

Collapse Pane
Sort By:
Sort By:
Technical Article
Network Data Loss Prevention 9.x. To create the package from the Management Console: Log in to the Management Console: Type HTTPS:// and press ENTER. Log in using a valid username and password. Select the S
Last Modified Date:9/12/2016
Technical Article
McAfee SaaS Message Archiving. You see the following error during the initial setup of a Message Archiving mail source: Email Archiving could not open a socket to retrieve mail on the target mail source. This may be because the specified host cannot
Last Modified Date:1/26/2017
Technical Article
McAfee ePolicy Orchestrator (ePO) 5.x, 4.x. NOTE: For more information about how to enable additional debugging, see your ePO product documentation. For a full list of product documents, go to the ServicePortal at: http://support.mcafee.com . Click
Last Modified Date:4/9/2017
Technical Article
McAfee Host Intrusion Prevention 8.0. For information on how to enable Host Intrusion Prevention 8.0 fwPassThru mode, see KB75917 .. Save any existing HipShield and FireSvc logs and delete the originals to reset the logs. NOTE: Disable logging if it
Last Modified Date:1/6/2017
Technical Article
This happens because SIEM auto creates a rule based on the ThreatName that was associated with the first ThreatEventID received. For example, if the ThreatEventID was 18000 , and the ThreatName was The Upgrade was cancelled , the first time the event
Last Modified Date:6/19/2014
Technical Article
Because of the way rules are saved in the backend database, the McAfee Database Activity Monitoring backend database may slowly grow with unnecessary rows. This affects the rule_actions_group table and related referenced tables. Over time this table
Last Modified Date:4/7/2017
Technical Article
McAfee SIEM Event Receiver 9.x. The McAfee Linux Event Collector allows you to add a local agent to your system that can 'push' several types of data to the McAfee Event Receiver. The table below shows the supported versions of the Linux Event
Last Modified Date:4/11/2014
Technical Article
McAfee VirusScan Enterprise (VSE) 8.x McAfee VirusScan Enterprise Quarantine Manager. VSE 8.x creates backup files when files affected by a threat are removed by VSE. When dealing with these backup, or .BUP, files the following scenarios apply:
Last Modified Date:11/3/2016
Technical Article
McAfee SIEM Enterprise Security Manager (ESM) 10.x. A call home pop-up message appears after you click Connect to initiate a call home. The call home pop-up message appears to hang and does not disappear. The message states: Initiating call home
Last Modified Date:6/13/2017
Technical Article
The failure to mount a share is most likely not a malfunction of the MOVE AV Agentless SVA itself, but likely a failure of either: Third-party service Dependency or protocol providing and enabling this functionality What can often be observed
Last Modified Date:11/8/2016
Page 1 of 41Next Page
Results: 1 - 10 of 409|
Per Page