The fix was created by security researcher Benjamin Delpy, a.k.a. “gentilkiwi,” and is called “wanakiwi.” It’s based on an older fix called “WannaKey” created by Adrien Guinet, and works on Windows version XP to 7.
Here’s how it works: It searches the computer’s memory for prime numbers that are the basis of the encryption, which would be wiped if you’d restarted your computer. It then uses those to generate unlock keys for the encrypted files. It’s relatively simple to understand, and free on Github.
Europol’s Cyber Crime Centre tested it, and found it to be at least somewhat successful:
— EC3 (@EC3Europol) May 19, 2017
It’s not going to help everyone — we wouldn’t blame you if one of the first things you did to try and fix your computer was restart it. But hopefully it’ll help some people who can’t (or don’t want to) pay the $300 Bitcoin ransom the attackers are currently demanding.