The following post walks you through how to protect your company from the Win32.WannaCrypt (also known as WannaCry) using Microsoft Intune (Microsoft Security Bulletin MS17-010). If you are managing your Windows PCs using the Microsoft Intune full PC client, you can protect your computers from the Win32.WannCrypt ransomware that has impacted many computers throughout the world by performing the following actions.
Approving updates to protect your computers
- Login to the Microsoft Intune classic console at https://admin.manage.microsoft.com
- Navigate to Updates
![secblogpost1]()
- Highlight all updates
![secblogpost2]()
- Search for the updates by platform here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx.
- Select All updates by highlighting each one you want to update (for WannaCry, use MS17-010.aspx)
- Right-Click Updates and Select Approve
![secblogpost4]()
- Select All Computers and Click Add
![secblogpost7]()
- Change Approval to “Required Install” and Change Deadline to “As Soon as Possible”
![secblogpost6]()
- Click Finish
More General Information/Guidance on Updates and Intune
- Keep Windows PCs up to date with software updates in Microsoft Intune: https://docs.microsoft.com/en-us/intune/deploy-use/keep-windows-pcs-up-to-date-with-software-updates-in-microsoft-intune
- Help secure Windows PCs with Endpoint Protection for Microsoft Intune: https://docs.microsoft.com/en-us/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune
- Customer Guidance for WannaCrypt attacks: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
- Microsoft Security Bulletin MS17-010 – Critical: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx