WannaCrypt variants infecting systems worldwide

The accidental stifling of WannaCrypt’s spread was too good to last, apparently. New versions of the ransomware — unaffected by the serendipitous domain registration of a security researcher — are now making their way around the world. You can even watch the malware spread using MalwareTech’s WannaCrypt live feed.

Our advice remains the same: make sure all your Windows computers have the relevant updates installed, including Windows XP. Microsoft’s Customer Guidance for WannaCrypt attacks is a good place to start; there are links to the updates at the bottom of that page. For more information about the exploit used by WannaCrypt, see Microsoft’s MS17-010 bulletin from March 14.

SANS has a good summary of the technical aspects of WannaCrypt.

Update 2017May16: There’s plenty of blame to go around for this mess. Microsoft is being criticized for abandoning Windows XP when it’s still widely used. Meanwhile, Microsoft is blaming the NSA’s vulnerability hoarding.