Skip to content
Urgent Announcement

McAfee is receiving multiple reports of modified Petya ransomware variants. McAfee Labs is receiving various samples which are in analysis, and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.

  • Extensions currently known as being affected are:  .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip
  • We have confirmed with the samples that SMB is being used as a propogation method, and are aware of reports that RDP may also be used but have yet to confirm this.
  • After encryption, impacted systems may show a ransom screen and suggest a system reboot after which the system will not be accessible.

McAfee has released an Extra.DAT to include coverage for this threat — it is attached to KB89540.


Continuing Information

McAfee will continue to post more information in Knowledge Base article KB89540 (https://kc.mcafee.com/corporate/index?page=content&id=KB89540) as available.

To receive information about McAfee product updates, sign up for the Support Notification Service (SNS) at https://sns.secure.mcafee.com/signup_login

Knowledge Center

Begin your search by entering a search term or a product. Entering both may provide more relevant search results. Search Tips
Reset|Share This Search
Search Results Feedback »
Collapse Pane
Sort By:
Sort By:
Security Bulletin
The POODLE vulnerability was first discovered by several researchers at Google, including Bodo Mller, Thai Duong, and Krzysztof Kotowicz. See http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html . These
Last Modified Date:4/6/2017
Security Bulletin
These vulnerabilities were first disclosed by the OpenSSL Project in a security advisory on October 15, 2014. See https://www.openssl.org/news/secadv_20141015.txt. Several McAfee products are vulnerable to one or more of the three Open Secure Sockets
Last Modified Date:3/3/2017
Security Bulletin
McAfee credits Andrew Fasano who reported these issues to CERT.. VSEL 2.0.3 (and earlier) is vulnerable to the following published security vulnerabilities. The ENSL 10.2 release resolves the following vulnerabilities. McAfee highly recommends that
Last Modified Date:5/18/2017
Security Bulletin
These vulnerabilities were first disclosed by Google and RedHat: https://rhn.redhat.com/errata/RHSA-2016-0176.html https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html. CVE-2015-7547: glibc getaddrinfo
Last Modified Date:4/7/2017
Security Bulletin
This vulnerability was first disclosed by CERT/CC Vulnerability Note VU#978508 .. Several McAfee products are vulnerable to a batch of six (6) new OpenSSL vulnerabilities and one (1) previously known vulnerability published post-Heartbleed. Unlike
Last Modified Date:1/10/2017
Security Bulletin
No acknowledgement due. McAfee was given no prior knowledge of this vulnerability (zero-day). It was announced late Monday, April 7, 2014. See http://heartbleed.com .. Several McAfee products are vulnerable to OpenSSL Heartbleed. See the McAfee
Last Modified Date:12/5/2016
Security Bulletin
These vulnerabilities was first disclosed by the OpenSSL Organization ( https://www.openssl.org/news/secadv_20150319.txt ) as a Security Advisory.. You can find the complete contents of the OpenSSL Organization's OpenSSL Product Security Advisory at
Last Modified Date:4/6/2017
Security Bulletin
None.. The following vulnerabilities were published on September 22, 2016, and then revised on September 26, 2016 in the following Security Advisories: https://www.openssl.org/news/secadv/20160926.txt https://www.openssl.org/news/secadv/20160922.txt
Last Modified Date:4/6/2017
Security Bulletin
The GHOST vulnerability was discovered by Qualys. See: https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt. The GHOST vulnerability
Last Modified Date:4/9/2017
Page 1 of 1
Results: 1 - 9 of 9|
Per Page