This article provides details of the IPS rules on the Sophos XG, UTM and Cyberoam firewalls that protect against the multiple vulnerabilities mentioned in MS17-010, including the SMBv1 vulnerability CVE-2017-0144 commonly known EternalBlue and recently used by WannaCry Ransomware to spread across networks. The IPS rules are protecting against the vulnerabilities CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147 and CVE-2017-0148.
Applies to the following Sophos products
For information on how to manually update your XG IPS definitions please see article 123277.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.