WannaCry Prompts Microsoft Updates … And A Warning

Microsoft has released new security updates for older versions of Windows as it warns of potential cyber-attacks by government organisations.

The updates, released today, are in response to an 'elevated risk of cyber-attacks by government organisations,' Microsoft said.

The patches include updates to Windows XP, the operating system that was targeted by the WannaCry ransomware attack in May, which hit parts of the NHS and other companies worldwide.

Typically, Microsoft only issues updates for its operating systems that are still supported. For consumers, that means Windows 7 and newer, with the exception of Windows 8, which is meant to be covered by the free upgrade to Windows 8.1.

But in the wake of the WannaCry outbreak, which saw a ransomware worm take advantage of unpatched versions of Windows to encrypt millions of computers worldwide, Microsoft is reassessing that policy.

“Due to the elevated risk for destructive cyber-attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt [alternative name to WannaCry],” Adrienne Hall, the head of Microsoft’s Cyber Defense Operations Center, said.

Although Microsoft has not said what characteristics of the new vulnerabilities have led it to believe there is the potential for state-sanctioned attackers, the WannaCry reference has led security experts to conclude that the company is referring to leaked NSA hacking tools, released online by an entity calling itself The Shadow Brokers.

The Shadow Brokers were responsible for releasing the vulnerability, referred to by the NSA as EternalBlue, which led to WannaCry being able to replicate itself and do so much damage internationally.

WannaCry wasn’t the only malware that used EternalBlue to spread, but it was by far the most destructive. The Shadow Brokers have promised to release further vulnerabilities in the future, offering them to “subscribers” willing to pay $10,000 (£7,850) a month for the privilege.

The new patches fix 16 vulnerabilities, of which 15 are ranked by Microsoft as critical. Craig Young, security researcher at infosec firm Tripwire, said: “Anyone still using Windows 2003 or XP should install these patches ASAP with the expectation that they will be actively exploited in the near term. This move may indicate that Microsoft has been made aware of exploits that may be pending imminent release from the Shadow Brokers.

“WannaCry was orders of magnitude smaller than some successful malware campaigns of the past,” Young added. “We may not be so lucky the next time this happens.”

But some criticised the move, arguing that continuing to support older versions of Windows was just delaying the inevitable. Peter Bright, from technology site Ars Technica, said: “patching is the wrong decision: it sends a clear message to recalcitrant corporations that they can stick with Windows XP, insecure as it is, because if anything too serious is found, Microsoft will update it anyway … Every time an organisation resists upgrading to Microsoft’s latest operating system, it jeopardises its own security.”

The WannaCry outbreak led to criticisms of the NHS for the widespread use of outdated software across the health service. Windows XP was not affected by the malware (although the operating system is vulnerable to the EternalBlue exploit, WannaCry itself persistently crashed before managing to encrypt drives), but a number of the affected systems were running Windows Vista, a slightly newer unsupported version of the operating system.

Sources: Guardian, Mail
