Already the news is all over, internet of ransomware. Below are the quick steps to action if you cant get the downtime of machines or etc..etc reasons (It’s running Windows and it only affects Windows.).

And the most important phrase for few days – Trust no one. Literally never open attachments in emails from someone you don’t know.

1. Disable SMB1.0 / CIFS file sharing support from the windows features. (since it targets through SMB)

GUI:

PowerShell:

Note :

• If infected and do not have backups for critical data ( (Disconnect the object from network immediately). DO NOT delete your encrypted files. A decryptor may be possible within a few days
• As Microsoft download servers seem busy or overloaded DON’T make the mistake of downloading patches from blurry sites.

Ref:

In order to prevent infection, users and organizations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.

https://technet.microsoft.com/library/security/MS17-010