Loading...
Skip to content
 
Urgent Announcement

McAfee is receiving multiple reports of modified Petya ransomware variants. McAfee Labs is receiving various samples which are in analysis, and can confirm that McAfee Global Threat Intelligence (GTI) is protecting against current known samples at the low setting.

  • Extensions currently known as being affected are:  .3ds, .7z, .accdb, .ai, .asp, .aspx, .avhd, .back, .bak, .c, .cfg, .conf, .cpp, .cs, .ctl, .dbf, .disk, .djvu, .doc, .docx, .dwg, .eml, .fdb, .gz, .h, .hdd, .kdbx, .mail, .mdb, .msg, .nrg, .ora, .ost, .ova, .ovf, .pdf, .php, .pmf, .ppt, .pptx, .pst, .pvi, .py, .pyc, .rar, .rtf, .sln, .sql, .tar, .vbox, .vbs, .vcb, .vdi, .vfd, .vmc, .vmdk, .vmsd, .vmx, .vsdx, .vsv, .work, .xls, .xlsx, .xvd, .zip
  • We have confirmed with the samples that SMB is being used as a propogation method, and are aware of reports that RDP may also be used but have yet to confirm this.
  • After encryption, impacted systems may show a ransom screen and suggest a system reboot after which the system will not be accessible.

McAfee has released an Extra.DAT to include coverage for this threat — it is attached to KB89540.

 

Continuing Information

McAfee will continue to post more information in Knowledge Base article KB89540 (https://kc.mcafee.com/corporate/index?page=content&id=KB89540) as available.

To receive information about McAfee product updates, sign up for the Support Notification Service (SNS) at https://sns.secure.mcafee.com/signup_login

Knowledge Center

Begin your search by entering a search term or a product. Entering both may provide more relevant search results. Search Tips
Reset|Share This Search
Search Results Feedback »
Collapse Pane
Sort By:
Sort By:
Technical Article
McAfee ePolicy Orchestrator (ePO) 5.x McAfee Performance Optimizer 2.x, 1.x. This article contains important information about known issues of high or medium rating that are outstanding with this product release. This article will be updated if new
Last Modified Date:4/9/2017
Technical Article
The file ...\McAfee\ePolicy Orchestrator\Server\conf\server.xml contains unexpected characters, for example, shutdown='^/+.]NZD,['.. McAfee ePolicy Orchestrator (ePO) 5.3.1, 5.3.0, 5.1.3, 5.1.2, 5.1.1, 5.1.0. Restoring an ePO Disaster Recovery
Last Modified Date:12/10/2015
Technical Article
McAfee Logon Collector (MLC) 3.x. This article contains important information about known issues of high or medium rating that are outstanding with this product release. This article will be updated if new issues are identified post-release or if
Last Modified Date:4/6/2017
Technical Article
During Agent to ePO server communications, the Agent sends a set of properties collected from the client operating system and any point products that are installed. These errors occur if one of these properties is invalid or malformed.. McAfee Agent
Last Modified Date:11/9/2016
Technical Article
McAfee ePolicy Orchestrator (ePO) 5.x, 4.x. NOTE: For more information about how to enable additional debugging, see your ePO product documentation. For a full list of product documents, go to the ServicePortal at: http://support.mcafee.com . Click
Last Modified Date:4/9/2017
Technical Article
McAfee ePolicy Orchestrator (ePO) 5.3.0. This document describes the support position of Sustaining Engineering relative to a McAfee application. Overview This document addresses concerns about ePO and the decryption of the db.properties file
Last Modified Date:4/6/2017
Technical Article
A registry value is present on the primary node that incorrectly identifies it as a secondary node.. McAfee ePolicy Orchestrator (ePO) 5.x. When attempting to upgrade ePO in a cluster environment by running setup.exe on the primary node of the
Last Modified Date:3/9/2017
Technical Article
This issue exists only when too much privilege has been granted to an account that is used to retrieve McAfee product updates from UNC shares and other update sites.. McAfee Agent 5.x, 4.x McAfee ePolicy Orchestrator 5.x McAfee VirusScan Enterprise
Last Modified Date:4/7/2017
Technical Article
This problem occurs because the SQL connection provider used by ePO supports only TLS 1.0. If this protocol is disabled, ePO is unable to establish a connection with the SQL server.. McAfee ePolicy Orchestrator (ePO) 5.x. If TLS 1.0 is disabled on
Last Modified Date:5/11/2017
Technical Article
This issue can occur when you have upgraded the extension but have not converted the DLP Endpoint policy to the latest version in the ePO console.. McAfee Data Loss Prevention Endpoint (DLP Endpoint) 9.3.x McAfee ePolicy Orchestrator (ePO) 5.x. After
Last Modified Date:4/6/2016
Page 1 of 68Next Page
Results: 1 - 10 of 680|
Per Page