This one is a PITA to get patched. Read the article here on BleepingComputer. More guidance can be viewed here on MS update guide.

SA

Managed Service Providers are seeing the Powershell issue being utilized in the latest REvil ransomeware campaign at the supply chain level. MSP's can be a source of intrusion into multiple networks with the compromise of just one MSP. Companies, Microsoft included are more interested in their bottom-line than keeping their services secured. I know several business owners locally and have advised them over the years to INSIST, their MSP conduct a security audit quarterly and provide those result documented. Find another who will when/if they tap dance over it. Its your business after all, manage it properly.

SA