@kali89 If I were running Windows I
would format the drive and reinstall the OS. That would be followed immediately by installing the most recent updates. I read that Microsoft has released patches for Windows versions all the way back to XP Server.
See here.
Good advice...
Like most malware, especially on the Windows side, it starts with privileged escalation to the admin account. While reinstalling everything is in order in most cases, it takes long time. I make image backup on a daily basis and retain 4-5 days of this back up. Should there be any malware taking over the system, just restore the previous days image, takes 20-30 minutes depending on the system in question. It's not worth for hunting for and removing the malware, it's just wasted time.
Fringe benefit of image backup, it protects against hardware failure as well and recovering is quick. One would "only" loose one days data, that may or may not be acceptable...
I just wish MacOS has similar, free image backup that could be scheduled on a daily basis and restore the image, if and when needed. There are some, but nowhere as easy to use as the ones on the Windows side...
This seems not to be an issue for OS X right now. It could be an issue for folks who run Windows under Bootcamp, probably virtual machines as well, if they have not updated Windows.
I's not even an issue for Samba, the *NIX version of Microsoft SMB protocol, it only impacts MS SMB v1 and v2. You are correct that the virtual machine in MacOS running Windows is impacted. It isn't actually the MacOS, rather, the VM folder that shares the data between the Mac and Windows. Should the Windows OS be infected by a cryptoware, WannaCry or others, the content of the shared VM folder will be encrypted.
