NOTE: If you have not yet updated your Windows operating system, you can manually download a patch for affected versions of Windows, including XP, here:
• • •
IT firms are back on alert as new strains of the WCry distribution worm began appearing over the weekend.
Infections were seriously hampered on Friday after the anonymous researcher known as MalwareTech accidentally activated a killswitch on the version responsible for the initial infections. EuroPol have released new statistics, recording over 200,000 infections in 150 countries.
Now, experts say new strains of the worm, which took advantage of an unpatched critical Windows vulnerability, are appearing that have different URLs for the killswitch function. Even more frightening, there are reports of versions circulation without a killswitch at all.
— Matthieu Suiche (@msuiche) May 14, 2017
In one piece of good news, the UK’s NHS has reported that its facilities were back to 97% functionality after Friday’s systemwide infection. However, the list of high-profile victims has grown, now including Renault SA, Nissan Motors, universities in China, and the Deutsche Bahn light rail network in Germany.
However, researchers are still urging caution even for users who have installed the required security patchers. The ransomware existed before the delivery worm, and can still make it onto secured systems through infected drives, downloads and email attachments.