WannaCry Prompts Microsoft Updates … And A Warning

Microsoft has released new security updates for older versions of Windows as it warns of potential cyber-attacks by government organisations.

The updates, released today, are in response to an 'elevated risk of cyber-attacks by government organisations,' Microsoft said.

The patches include updates to Windows XP, the operating system that was targeted by the WannaCry ransomware attack in May that attacked parts of the NHS and other companies worldwide.

Typically, Microsoft only issues updates for its operating systems that are still supported, for consumers, that means Windows 7 and newer, with the exception of Windows 8, which is meant to be covered by the free upgrade to Windows 8.1.

But in the wake of the WannaCry outbreak, which saw a ransomware worm take advantage of un-patched versions of windows to encrypt millions of computers worldwide, Microsoft is reassessing that policy.
“Due to the elevated risk for destructive cyber-attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt [alternative name to WannaCry],” Adrienne Hall, the head of Microsoft’s Cyber Defense Operations Center, said.

Although Microsoft has not said what characteristics of the new vulnerabilities have led it to believe there is the potential for state-sanctioned attackers, the WannaCry reference has led security experts to conclude that the company is referring to leaked NSA hacking tools, released online by an entity calling itself The Shadow Brokers.

The Shadow Brokers were responsible for releasing the vulnerability, referred to by the NSA as EternalBlue, which led to WannaCry being able to replicate itself and do so much damage internationally.

WannaCry wasn’t the only malware that used EternalBlue to spread, but it was by far the most destructive. The Shadow Brokers have promised to release further vulnerabilities in the future, offering them to “subscribers” willing to pay $10,000 (£7,850) a month for the privilege.

The new patches fix 16 vulnerabilities, of which 15 are ranked by Microsoft as critical. Craig Young, security researcher at infosec firm Tripwire, said: “Anyone still using Windows 2003 or XP should install these patches ASAP with the expectation that they will be actively exploited in the near term. This move may indicate that Microsoft has been made aware of exploits that may be pending imminent release from the Shadow Brokers.

“WannaCry was orders of magnitude smaller than some successful malware campaigns of the past,” Young added. “We may not be so lucky the next time this happens.”

But some criticised the move, arguing that continuing to support older versions of Windows was just delaying the inevitable. Peter Bright, from technology site Ars Technica, said: “patching is the wrong decision: it sends a clear message to recalcitrant corporations that they can stick with Windows XP, insecure as it is, because if anything too serious is found, Microsoft will update it anyway … Every time an organisation resists upgrading to Microsoft’s latest operating system, it jeopardises its own security.”

The WannaCry outbreak led to criticisms of the NHS for the widespread use of outdated software across the health service. Windows XP was not affected by the malware (although the operating system is weak to the EternalBlue exploit, WannaCry itself persistently crashed before managing to encrypt drives), but a number of the affected systems were running Windows Vista, a slightly newer unsupported version of the operating system.

Guardian:       Mail:

You Might Also Read:

Ignoring Software Updates…:

UK Cyber Chief: Company Directors Are Devolving Responsibility For Hacks:

 

« US Presidential Election Hacks Revealed
Impact Of AI On UK Jobs Divides Opinion »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Halon

Halon

Halon is a flexible security and operations platform for in-transit email.

SEPPmail

SEPPmail

SEPPmail is a patented e-mail encryption solution to secure your electronic communication.

iosiro

iosiro

iosiro was created to guide companies through securely using blockchain technologies. We help teams launch and manage ICOs, deploy secure dApps, and integrate private networks into business practices.

Orca Security

Orca Security

Orca Security delivers full stack visibility including prioritized alerts to vulnerabilities, compromises, misconfigurations, and more across your entire inventory on all your cloud accounts.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

Norma Inc.

Norma Inc.

Norma provides the secured wireless environment (WiFi and Bluetooth) with the unauthorized AP detection, and secures your IoT assets from various threats.

doIT Solutions

doIT Solutions

doIT solutions specialize in IT security and infrastructure, security automation, data center, and cybersecurity.

TXOne Networks

TXOne Networks

TXOne Networks offer cybersecurity solutions to protect your industrial control systems to ensure their reliability and safety from cyberattacks.

BOXX Insurance

BOXX Insurance

BOXX Insurance Inc. is a new type of insurance company for a new type of risk. Cyberboxx is the first fully-integrated cybersecurity and insurance solution for small-to-medium-sized businesses.

Evanssion

Evanssion

Evanssion is a value added distributor specialized in Cloud Native & Cyber Security across Middle East & Africa.

Abacus Group

Abacus Group

Abacus Group is a global IT services firm for alternative investment firms, providing an enterprise technology platform specifically designed to meet the unique needs of financial services.

Sri Lanka CERT

Sri Lanka CERT

Sri Lanka CERT is the National Centre for Cyber Security, which has the national responsibility of protecting the nation’s cyberspace from cyber threats.

Cybervergent

Cybervergent

Cybervergent (formerly Infoprive) are a leading cybersecurity technology company in Africa. We provide cybersecurity guidance and solutions that help protect your business.

DynTek

DynTek

DynTek delivers exceptional, cost-effective professional IT consulting services, end-to-end IT solutions and managed IT services.

Information Security Society of Africa – Nigeria (ISSAN)

Information Security Society of Africa – Nigeria (ISSAN)

The Information Security Society of Africa – Nigeria (ISSAN) is a not-for-profit organization dedicated to the protection of Nigeria’s cyberspace.

Scinary Cybersecurity

Scinary Cybersecurity

Scinary was founded in 2015 on the premise that cybersecurity should not be limited to just large corporations or large government entities.