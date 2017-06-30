Microsoft Malware Protection Center (MMPC) published a blog post yesterday detailing a new ransomware infection that appears to have begun in Ukraine and spread from there to other places in Europe and beyond. MMPC analysis showed this to be a more sophisticated variant of Ransom:Win32/Petya and all free Microsoft antimalware products were updated with signatures for this threat, including Windows Defender Antivirus.

This post summarizes measures that Azure customers can take to prevent and detect this threat through Azure Security Center. See here for basic information on enabling Azure Security Center.

Prevention Azure Security Center scans virtual machines across an Azure subscription and makes a recommendation to deploy endpoint protection where an existing solution is not detected. This recommendation can be accessed via the Prevention section as shown below.

