Blackmail worm virus variants, advised immediately dispose of the three departments

on May 14, the Beijing municipal committee of the net letter office, the Beijing municipal public security bureau, Beijing via letter committee jointly issued "about WannaCry blackmail worms appeared varieties and disposal work suggested that notice."Notice" pointed out that the relevant departments of the monitoring found that WannaCry blackmail worms appeared varieties: WannaCry 2.0, unlike previous versions of is that this variant is cancelled the so-called Kill Switch, cannot close by to register a domain name variants blackmail the spread of the worm.Transmission of the variant speed may be faster, and the variation of relevant disposal method is the same as the previous version, recommended for immediate attention and treatment.

the relevant units:

the relevant departments of monitoring found that WannaCry blackmail worms appeared varieties: WannaCry 2.0, unlike previous versions of is that this variant is cancelled the so-called Kill Switch, cannot close by to register a domain name variants blackmail the spread of the worm.Transmission of the variant speed may be faster, and the variation of relevant disposal method is the same as the previous version, recommended for immediate attention and treatment.

a, please immediately organization network detection, find all open 445 SMB service port terminal and server, once found poisoned machine, immediately broken network disposal, it seems to hard disk formatting to clear the virus.

, Microsoft is currently published repaired patch MS17-010 "the eternal blue" attack system vulnerabilities, please as soon as possible for the computer to install this patch, https://technet.microsoft.com/zh-cn/library/security/MS17-010;For XP, 2003, Microsoft is no longer provide security update machine, suggest to upgrade the operating system version, or closed port, under the influence of holes can be avoided by extortion software such as viruses.

3, once found poisoned machine, immediately broken network.

4, enable and open the Windows firewall, into the "advanced Settings", and the rules of the inbound disable "file and printer sharing" in the rules.Closed UDP135, 445, 137, 138, 139 port, shut down the network file share.

5, strictly forbids the use of U disk, mobile hard disk executable ferry attacks such as equipment.

6, as soon as possible to backup your important files in a computer data storage devices.

7, update the operating system and applications to the latest version.

eight, to improve the security of E-mail, effectively blocking phishing emails, can eliminate a lot of hidden dangers.

9, install the original operating system, Office software, etc.

Beijing municipal committee of the net letter do

the Beijing municipal public security bureau

by the letter of Beijing committee

on May 14, 2017,

(formerly called the Beijing three department issued a notice: it is recommended that immediate disposal WannaCry blackmail variant worm work ")

The related content recommendation