WannaCry Prompts Microsoft Updates … And A Warning

Microsoft has released new security updates for older versions of Windows as it warns of potential cyber-attacks by government organisations.

The updates, released today, are in response to an 'elevated risk of cyber-attacks by government organisations,' Microsoft said.

The patches include updates to Windows XP, the operating system that was targeted by the WannaCry ransomware attack in May that hit parts of the NHS and other companies worldwide.

Typically, Microsoft only issues updates for operating systems that are still supported. For consumers, that means Windows 7 and newer, with the exception of Windows 8, which is meant to be covered by the free upgrade to Windows 8.1.

But in the wake of the WannaCry outbreak, which saw a ransomware worm take advantage of unpatched versions of Windows to encrypt millions of computers worldwide, Microsoft is reassessing that policy.

“Due to the elevated risk for destructive cyber-attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt [alternative name to WannaCry],” Adrienne Hall, the head of Microsoft’s Cyber Defense Operations Center, said.

Although Microsoft has not said what characteristics of the new vulnerabilities have led it to believe there is the potential for state-sanctioned attackers, the WannaCry reference has led security experts to conclude that the company is referring to leaked NSA hacking tools, released online by an entity calling itself The Shadow Brokers.

The Shadow Brokers were responsible for releasing the vulnerability, referred to by the NSA as EternalBlue, which led to WannaCry being able to replicate itself and do so much damage internationally.

WannaCry wasn’t the only malware that used EternalBlue to spread, but it was by far the most destructive. The Shadow Brokers have promised to release further vulnerabilities in the future, offering them to “subscribers” willing to pay $10,000 (£7,850) a month for the privilege.

The new patches fix 16 vulnerabilities, of which 15 are ranked by Microsoft as critical. Craig Young, security researcher at infosec firm Tripwire, said: “Anyone still using Windows 2003 or XP should install these patches ASAP with the expectation that they will be actively exploited in the near term. This move may indicate that Microsoft has been made aware of exploits that may be pending imminent release from the Shadow Brokers.

“WannaCry was orders of magnitude smaller than some successful malware campaigns of the past,” Young added. “We may not be so lucky the next time this happens.”

But some criticised the move, arguing that continuing to support older versions of Windows was just delaying the inevitable. Peter Bright, from technology site Ars Technica, said: “patching is the wrong decision: it sends a clear message to recalcitrant corporations that they can stick with Windows XP, insecure as it is, because if anything too serious is found, Microsoft will update it anyway … Every time an organisation resists upgrading to Microsoft’s latest operating system, it jeopardises its own security.”

The WannaCry outbreak led to criticisms of the NHS for the widespread use of outdated software across the health service. Windows XP was not affected by the malware (although the operating system is vulnerable to the EternalBlue exploit, WannaCry itself persistently crashed before managing to encrypt drives), but a number of the affected systems were running Windows Vista, a slightly newer unsupported version of the operating system.

Guardian:       Mail:
