While I'm also posting this to the Patchmanagement.org list, all
discussions will be over on the ntsysadmin list. I won't approve any
comments on the patchmanagement.org list, so thank you in advance for
understanding.
In my "what else can I do to block ransomware" as patching is not enough
I found this script/powershell bundle that blocks the smb file share
access for just the impacted user that introduced ransomware to the network.
Using File Server Resource Manager to Screen for Ransomware:
http://www.altaro.com/hyper-v/using-file-server-resource-manager-screen-ransomware/
While it depends on always keeping up to date on the ransomware file
extensions, it is just another tool it keep in mind to better limit
damage to network file locations.
