This website uses cookies to ensure you get the best experience on our website.
Please note that by continuing to use this site you consent to the terms of our Privacy and Data Protection Policy .
Some of our partner services are located in the United States. According to the case law of the European Court of Justice, there is currently no adequate data protection in the USA. There is a risk that your data will be controlled and monitored by US authorities. You cannot bring any effective legal remedies against this.
Accept

Proactive protection against the WannaCry ransomware (not the exploit)

18. May 2017

The WannaCry ransomware has been a major news story over the last few days. It has infected hundreds of thousands of computers worldwide (mostly in Russia), including some well-known companies and institutions. All the programs in our public Main Test Series now detect the WannaCry malware samples by means of signatures, but we decided to find out which of these programs would have blocked the malware sample (not the exploit) proactively, i.e. before the the outbreak started and the malware samples became known.

We ran a proactive protection test, i.e. we used vulnerable Windows 7 systems with definitions prior to May 12th. A WannaCry malware sample was then executed on offline systems. The list below shows which of the tested programs would have protected the system, and which did not.

Adaware Pro Security Protected
Avast Free Antivirus Protected
AVG Free Antivirus Protected
AVIRA Antivirus Pro Protected
Bitdefender Internet Security Protected
BullGuard Internet Security Protected
CrowdStrike Falcon Prevent Protected
Emsisoft Anti-Malware Protected
eScan Corporate 360 Protected
F-Secure SAFE Protected
Fortinet FortiClient Not protected
Kaspersky Internet Security Protected
McAfee Internet Security Not protected
Microsoft Security Essentials Not protected
Panda Free Antivirus Protected
Seqrite Endpoint Security Protected
Tencent PC Manager Protected
Symantec Norton Security Protected
Trend Micro Internet Security Protected
VIPRE Advanced Security for Home Protected

As can be seen above, a majority of these products protected against this ransomware, but over 200,000 systems worldwide were compromised by it nonetheless. New variants might appear, and results for the next outbreak could look different. Users are advised to keep their systems patched, enable AV protection (i.e. do not disable features) and keep it up-to-date, as well as practising safe computing.

* This test only looked whether the ransomware part (WannaCry ransomware) would have been blocked.

ESET (removed from table above) would like to point out that their network protection module detected the exploit/spreading part (EternalBlue exploit) – and therefore protected the users – already since April 25th.

This blog post was updated on May 18th.
Anti-virus test wannacry