Skip to content
Urgent Announcement

McAfee is receiving multiple reports of modified Petya ransomware variants. McAfee Labs is receiving various samples which are in analysis, and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.

  • Extensions currently known as being affected are:  .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip
  • We have confirmed with the samples that SMB is being used as a propogation method, and are aware of reports that RDP may also be used but have yet to confirm this.
  • After encryption, impacted systems may show a ransom screen and suggest a system reboot after which the system will not be accessible.

McAfee has released an Extra.DAT to include coverage for this threat — it is attached to KB89540.


Continuing Information

McAfee will continue to post more information in Knowledge Base article KB89540 (https://kc.mcafee.com/corporate/index?page=content&id=KB89540) as available.

To receive information about McAfee product updates, sign up for the Support Notification Service (SNS) at https://sns.secure.mcafee.com/signup_login

Knowledge Center

Begin your search by entering a search term or a product. Entering both may provide more relevant search results. Search Tips
Reset|Share This Search
Search Results Feedback »
Collapse Pane
Sort By:
Sort By:
Technical Article
This issue exists only when too much privilege has been granted to an account that is used to retrieve McAfee product updates from UNC shares and other update sites.. McAfee Agent 5.x, 4.x McAfee ePolicy Orchestrator 5.x McAfee VirusScan Enterprise
Last Modified Date:4/7/2017
Technical Article
McAfee Agent (MA) 4.8. This article contains important information about known issues of high or medium rating that are outstanding with this product release. This article will be updated if new issues are identified post-release or if additional
Last Modified Date:4/8/2017
Technical Article
McAfee Agent (MA) 4.8. MA can delay the Windows shutdown process if the Run at every policy enforcement option in the client tasks is enabled.. MA 5.0 clients do not honor the checkbox to allow Run at every policy enforcement for reasons not related
Last Modified Date:4/9/2017
Technical Article
The ePO Server service binds to the first IP address enumerated by the operating system. Agents receive that IP address configuration when they connect to the ePO server. This might not be the correct IP address for a given networking environment..
Last Modified Date:3/7/2017
Technical Article
McAfee Agent (MA) 4.8 McAfee Host Intrusion Prevention (Host IPS) 8.0. The McTray icon (McAfee icon in the systray) is terminating unexpectedly when Host IPS 8.0 is installed. You see the following error in the Windows Application log file: Faulting
Last Modified Date:2/17/2016
Technical Article
MA sent either return code 33 or failed to send any return code for the agent update script before the FrameworkService was restarted.. McAfee Agent (MA) 4.8 Patch 3, 4.8 Patch 2 McAfee ePolicy Orchestrator (ePO) 5.x. An upgrade from MA 4.6 Patch 3
Last Modified Date:10/21/2016
Technical Article
McAfee Agent (MA) 5.x, 4.x. When troubleshooting mirror or update tasks, one of the following return codes can be logged in the Agent_ .log file and might indicate the cause of the failure: NaInet library return code
Last Modified Date:11/10/2016
Technical Article
McAfee Agent (MA) 5.x, 4.x McAfee ePolicy Orchestrator (ePO) 5.x, 4.x. Creating a custom agent installation package in ePO 5.x: Log on to the ePO 5.x console. Click Menu , Systems Section , System Tree . Select New Systems from the top-left corner.
Last Modified Date:11/10/2016
Technical Article
There is a multithreading issue accessing the agent registry.ini file.. McAfee Agent (MA) for Linux 4.x Any product that relies on McAfee Agent for Linux for updates, policy enforcement, and so on. An agent is not communicating with ePolicy
Last Modified Date:2/3/2016
Technical Article
Host IPS client rules that are created after the policy for the Host IPS module (IPS, Firewall, or Application Blocking) is set to Learn or Adaptive mode are not reported to the ePO console if Retrieve all system and product properties (recommended)
Last Modified Date:4/5/2016
Page 1 of 25Next Page
Results: 1 - 10 of 247|
Per Page