Ivanti has released a free 90-day patch license in response to the global WannaCrypt ransomware attack.
Until June 15, 2017, organizations can request the free license, available here, enabling IT teams to rapidly deploy patch management to all Windows workstations and servers in their environments, including legacy platforms such as Windows XP, Windows Vista, and Server 2003.
The WannaCrypt attack, launched on May 12, 2017, is distributed via phishing emails that target end users.
After users open and execute a malicious payload embedded in the email, the malware installs itself and starts encrypting files immediately.
WannaCrypt then spreads within the network using the “Windows SMB Remote Code Execution Vulnerability,” affecting all Windows versions from XP to Server 2016.
Microsoft released an emergency security patch for unsupported Windows versions, including XP, Vista, Windows 8, and Server 2003 and 2008 editions on May 13, 2017.
Initially the attack appeared isolated to the United Kingdom, more specifically to the NHS (National Health Service), but within a few hours it was reported as a global incident. It is believed that 200,000 organizations have been affected in 150 countries, including Russia, Spain, and the United States.
Although a “kill switch” was triggered on the day of the attack, the likelihood of further attacks is undisputed. Some security professionals are already claiming that a new variant without a kill switch, Uiwix, has been released.
Ivanti’s 90-day offer allows organizations to use the Ivanti patch management solution tailored to their Windows environment to remove the vulnerability WannaCrypt and the new variants it is exploiting.
Organizations seeking the free patch license should go to https://go.ivanti.com/Ransomware-Get-Well-Quick.html and answer a few simple questions to receive a patch management solution that is tailored to their needs.
The free solution will:
- Update Windows operating systems and third-party apps
- Easily patch legacy operating systems and third-party apps from the SCCM console with no added infrastructure or training
- Provide patches thoroughly tested by Ivanti’s engineers to ensure proper patch compliance
“At Ivanti, we believe that the worldwide technology community must band together to defeat global malicious phenomena like WannaCrypt,” said Simon Townsend, EMEA Chief Technologist, Ivanti.
“That’s why we’re providing this free 90-day offer.”
“Moving forward we need to take a more preventative approach to fighting cyber-crime. Antivirus alone simply won’t work.”
“Organizations must adopt defense-in-depth strategies to protect networks and infrastructure, including patching the OS and applications, application whitelisting, and minimizing admin privileges.”
Ivanti also hosted a webinar on May 15, 2017, where 3,000 customers registered to listen to a panel of Ivanti experts discuss the current state of the WannaCrypt threat and what they could do to protect themselves against the malware and any variants that will follow.
(New WannaCrypt ransomware is spreading like wildfire. We sat down with our security experts to discuss the growing threat as well as the remedies. Courtesy of Ivanti and YouTube)
Ivanti is IT evolved. By integrating and automating critical IT tasks, Ivanti helps IT organizations secure the digital workplace.