Microsoft patches Windows XP to fight 'WannaCrypt' attacks

3.8
Microsoft officially ended its support for most Windows XP computers back in 2014, but today it's delivering one more public patch for the 16-year-old OS. As described in a post on its Windows Security blog, it's taking this "highly unusual" step after customers worldwide including England's National Health Service suffered a hit from "WannaCrypt" ransomware. Microsoft patched all of its currently supported systems to fix the flaw back in March, but now there's an update available for unsupported systems too, including Windows XP, Windows 8 and Windows Server 2003, which you can grab here (note: if that link isn't working then there are direct download links available in the Security blog post).

Of course, for home users, if you're still running one of those old operating systems then yes, you should patch immediately -- and follow up with an upgrade to something current. If you're running a vulnerable system and can't install the patch for some reason, Microsoft has two pieces of advice:

Disable SMBv1 with the steps documented at Microsoft Knowledge Base Article 2696547 and as recommended previously.
Consider adding a rule on your router or firewall to block incoming SMB traffic on port 445




An additional blog post explains Microsoft's analysis of how the malware spreads. On newer versions like Windows Vista, 7, 8.1 and 10, the March update tagged MS17-010 addresses the vulnerability it's exploiting (that was revealed earlier this year by "The Shadow Brokers" when they leaked a stolen cache of NSA tools). While it's not confirmed how the initial infections occurred, it's believed the trojan horse was spread by email phishing links that drop the "EternalBlue" exploit released by The Shadow Brokers, as well as the WannaCrypt malware variant. Interestingly, it doesn't even try to attack Windows 10, focusing solely on Windows 7/8 and earlier operating systems that are still vulnerable to the attack.

Posted:
Related Forum: PC General Forum

Source: https://www.engadget.com/2017/05/13/Microsoft-WindowsXP-WannaCrypt-NHS-patch/

Comments

"Microsoft patches Windows XP to fight 'WannaCrypt' attacks" :: Login/Create an Account :: 14 comments

If you would like to post a comment please signin to your account or register for an account.

CyaPosted:

i Heared About this still going around?

-_-Nate-_-Posted:

FourStar
661King These IT guys need to be fired ASAP. Too lazy to update a system.


Don't comment if you're too dumb to know the whole story.


You need to consider that companies also have these OS's because they've invested money into custom software for their needs. The cost to upgrade PC's, hardware if needed, plus get newer software (as it may not be compatible with newer OS's) is astronomical; If you have a lot of users that is. Money is how the world works unfortunately, and it's hard to justify upgrading unless something like this happens. I do admit that Windows XP really shouldn't be used in a commercial environment anymore, but so many companies still use it simply because of the dollar.

FourStarPosted:

661King These IT guys need to be fired ASAP. Too lazy to update a system.


Don't comment if you're too dumb to know the whole story.

DusknoirPosted:

It's good that m$ cared about the consumer she enough to release patches for the older OS's.

XboxPosted:

Skates My high school I went to still used XP, I'm not sure what they use now. Probably still XP as they didn't care to use their funds on actual important things but instead bought segways for our principles lmao.


Lmao sounds about right.

661KingPosted:

These IT guys need to be fired ASAP. Too lazy to update a system.

IlcamorristaPosted:

I cant think of any company,school ect still using XP. Although North Korea use this.

SkatesPosted:

My high school I went to still used XP, I'm not sure what they use now. Probably still XP as they didn't care to use their funds on actual important things but instead bought segways for our principles lmao.

FourStarPosted:

Yoke
RedWood It puzzles me how the NHS still uses a 16 year old OS...


I was about to say the same thing. These cyber attackers probably giggle when they see the OS.


A shitty government that keeps reducing tax for the rich, not collecting owed money from other countries and allowing companies worth billions to avoid paying any tax at all....and then they complain that they don't have enough money to fund the National Health Service and start making cuts to it....That's why.

YokePosted:

RedWood It puzzles me how the NHS still uses a 16 year old OS...


I was about to say the same thing. These cyber attackers probably giggle when they see the OS.