What is WANNACRY_RANSOMWARE?
WannaCry is a notorious ransomware cryptoworm that targeted computers running Microsoft Windows by encrypting data and demanding ransom payments in Bitcoin. It propagates using the EternalBlue exploit (CVE-2017-0144) in the SMBv1 protocol.
Common Causes
- Unpatched Windows systems with SMBv1 enabled
- Exposure of port 445 directly to the internet
- Lack of endpoint security monitoring
Step-by-Step Fix Guide
-
1
Install MS17-010 security update immediately
-
2
Disable the legacy SMBv1 protocol in Windows Features
-
3
Block SMB ports (139, 445) at the network firewall
-
4
Restore encrypted files from a verified offline backup
Commands & Diagnostics
powershell.exe Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocolnetsh advfirewall firewall add rule name='Block SMB 445' dir=in action=block protocol=TCP localport=445Still Need Help?
Search our full database of 481+ documented PC errors for more solutions and step-by-step repair guides.
Search Error Database