Reply to post:

UK hospital meltdown after ransomware worm uses NSA vuln to raid IT

Retron

Can't believe any network would allow users to run stuff from %temp%...

It's just one of the things a network admin can do which helps lock the system down. From what I've seen (on a VM used for the purpose), malware from emails / web browsers invariably tries to run an EXE from the temp directory.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019