BadRabbit Vaccination
I created a PowerShell script to vaccinate systems from Bad Rabbit based on the findings of Amit Serper. I will be turning this into a Compliance Item in SCCM in order to get this to the systems in the company. Using Compliance Items will help us keep track of this and will attempt to rerun this script in the event that permissions ever get changed. It'll also allow for nice reporting for management. Edit: There's a much better way to do this: Using this method, it's much easier just to add a filename and it's relative path to the $files variable. This change makes the script much more scalable and dynamic. Edit 2: It looks like someone much better than me already beat me to this. Anders Rodland has created a Configuration Item and Remediation script nearly identical to mine and a few days before me. Jay Rosenberg from Intezer Labs has written more about Bad Rabbit and its relationship with NotPetya - the article can be read here.