Forum Discussion

Jasson Walker Jr

Copper Contributor

May 13, 2017

Has Office 365 been updated to protect against WannaCry?

Hello: Can anyone confirm that Exchange Online has been updated to protect Office 365 users against WannaCry (aka WanaCrypt0r)?

MVP

May 14, 2017

Depends on what you understand by "updated". The attack does not directly affect the service, but Microsoft has taken steps to prevent further spreading by pushing more strict EOP settings. As is usually the case, the attack targets outdated/unpatched versions of Windows, you can get more details from the relevant teams at MS:

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/

Javier Navarro
Copper Contributor
May 14, 2017
VasilMichev Hi, how we can delete emails with this malware links from quarentine?

The Advanced Threat Protection of exchange office365 detect this links?
- VasilMichev
  MVP
  May 15, 2017
  Malware does not go to the quarantine. Plus, there are features such as ZAP that can remove messages from user's mailboxes even after they are received: https://support.office.com/en-us/article/Zero-hour-auto-purge-protection-against-spam-and-malware-96deb75f-64e8-4c10-b570-84c99c674e15?ui=en-US&rs=en-US&ad=US
  
  Lastly, you can always do a manual Purge operation, but for that you need to know the criteria to identify those suspicious messages (a subject for example).
  - Manjunatha Gowda
    Copper Contributor
    May 17, 2017
    A simple query to the team, is there any incident reported of wannacry attack heppend through email media?
    If yes what is the pattern of email?
    This will help us more in sending communication to user with exact way the attacker framed email
    
    Regards,
    Manjunatha Gowda

Resources