WannaCry Also Hit Windows 7 Systems

WannaCry ransomware infection caused havoc in hundreds of countries and across hundreds of thousands of machines, and in the immediate aftermath of the hit many were pointing the finger at outdated versions of Windows XP for allowing WannaCry to cause so much damage.

However, new research from Kaspersky shows that 98% of the computers hit by WannaCry were actually running Windows 7, a more modern OS that's still officially supported by Microsoft.

A patch was issued to protect Windows 7 from this kind of exploit in March, so the affected machines would appear to be ones that hadn't yet been updated. This shows that running a more recent version of Windows doesn't necessarily make you safe: it's the regular patching and updating that keeps you (and your business) protected, not just upgrading your OS as a whole. 

Microsoft no longer provides regular patches for Windows XP, which is why last week's update in response to WannaCry was so unusual. Now it turns out that attacks on Windows 7, an OS released in 2009 that's still the most popular in terms of market share, running on 48.5% of desktop computers worldwide, were far more common.

Windows 10 is the only version of Windows that's completely safe from WannaCry, according to Microsoft, though the ransomware continues to evolve out in the wild. A small number of Windows 10 hits are shown in Kaspersky's chart, but these are due to manual infections carried out for testing.

Meanwhile, security experts continue to release tools to fight WannaCry, with the latest one removing the ransomware as long as the infected system hasn't been rebooted. If you're after a complete guide to how you can stay protected, TechRadar have got you covered.

TechRadar

You Might Also Read:

North Korea's Unit 180 Managed WannaCry Attack:

What We Know About The WannaCry Cyberattack So Far:


 

« Making Sense Of Dark Data
Eight Steps For Cloud Security »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

Wooxo

Wooxo

Wooxo provides business security and continuity solutions to protect business data for organisation of all sizes.

Resilience First

Resilience First

Resilience First is a not-for-profit organisation, led and funded by business to strengthen collective business resilience in all areas, including cyber security.

Seavus

Seavus

Seavus is a software development and consulting company with a proven track-record in providing successful enterprise-wide business solutions including Managed Security Services.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Council for Information & Communication Technologies (CTIC)

Council for Information & Communication Technologies (CTIC)

CTIC was set up to address specific issues in the field of ICT relevant to the implementation of electronic government.

Edvance

Edvance

Edvance operates a range of cybersecurity businesses including value added cybersecurity solutions distribution, security technology innovation and development, and SaS solution offerings.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference is a non-profit, annual, information security conference located in Halifax, Nova Scotia, Canada.

SterlingRisk Programs

SterlingRisk Programs

SterlingRisk’s Cyber practice brings experience working with a wide array of clients across a broad spectrum of industries.

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

Tozny

Tozny

Tozny offers products with security and privacy in mind that are built on the foundation of end-to-end encryption, and open-source verifiable software.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

Prompt Security

Prompt Security

Prompt Security provides an LLM agnostic approach to ensure security, data privacy and safety across all aspects of Generative AI.

ioSENTRIX

ioSENTRIX

ioSENTRIX offers tailored, risk-focused assessments that reduce true business risk.

ClamAV

ClamAV

ClamAV is an open-source (GPL) anti-virus engine used in a variety of situations, including email and web scanning, and endpoint security.