Endpoint Protection

  • 1.  CCN-CERT NoMorecry - Opinions?

    Posted May 18, 2017 10:15 AM

    Dear all,

    I have recently received the following information via Corporate News:

    I have learnt that this seems to be a legit source, but we are not sure at the moment if we should implement this on our Clients, as SEP is telling me this is malware.

    Has anyone of you had experience with this? Any opinions?

    I'd really appreciate your expertise if you would have a look at this...

    ---

    I have been informed that there is a tool to immunize against the outbreak of WannaCry.

    CCN-CERT has updated to a version 3 tool to prevent the execution of the malware WannaCry 2.0. They are: NoMoreCry-v0.3 (for Windows XP and higher) and NoMoreCry2000-v0.3 (for Windows 2000). This new version includes a text file that must be saved to the same folder as the executable. Within it, there is a list with the names of the mutexes to be created (NoMoreCry_mutex). This new version can be run in silent mode by executing it from the command prompt with the "-s" argument, e.g.: c:\NoMoreCry.exe -s

    This tool is not intended for already infected machines!

    It should be run after every reboot for the successful prevention of the threat. This can be performed by the modification of the Windows registry or by the application of group policies in the domain.

    Both tools are found on the CCN-CERT cloud platform, LORETO. Access to their corresponding file is needed beforehand: README_v0.3. (for Windows XP and higher) and README_Win2000-v0.3.txt (for Windows 2000)

    Further information on:

    CCN-CERT NoMoreCry and script (V.0.3)

    Please spread the info accordingly!

    ---



  • 2.  RE: CCN-CERT NoMorecry - Opinions?

    Posted May 18, 2017 12:51 PM

    It doesn't hurt to have another layer in place but SEP already has detections so I'm not sure this is needed.



  • 3.  RE: CCN-CERT NoMorecry - Opinions?

    Posted May 18, 2017 01:21 PM

    I would rather just patch. If you have up-to-date systems you are safe. This work-around might work, but I doubt it is really supported. 

    Microsoft even released patches for Windows XP and Server 2003. 

    https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/