WannaCry Prompts Microsoft Updates … And A Warning

Microsoft has released new security updates for older versions of Windows as it warns of potential cyber-attacks by government organisations.

The updates, released today, are in response to an 'elevated risk of cyber-attacks by government organisations,' Microsoft said.

The patches include updates to Windows XP, the operating system that was targeted by the WannaCry ransomware attack in May that attacked parts of the NHS and other companies worldwide.

Typically, Microsoft only issues updates for its operating systems that are still supported, for consumers, that means Windows 7 and newer, with the exception of Windows 8, which is meant to be covered by the free upgrade to Windows 8.1.

But in the wake of the WannaCry outbreak, which saw a ransomware worm take advantage of un-patched versions of windows to encrypt millions of computers worldwide, Microsoft is reassessing that policy.
“Due to the elevated risk for destructive cyber-attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt [alternative name to WannaCry],” Adrienne Hall, the head of Microsoft’s Cyber Defense Operations Center, said.

Although Microsoft has not said what characteristics of the new vulnerabilities have led it to believe there is the potential for state-sanctioned attackers, the WannaCry reference has led security experts to conclude that the company is referring to leaked NSA hacking tools, released online by an entity calling itself The Shadow Brokers.

The Shadow Brokers were responsible for releasing the vulnerability, referred to by the NSA as EternalBlue, which led to WannaCry being able to replicate itself and do so much damage internationally.

WannaCry wasn’t the only malware that used EternalBlue to spread, but it was by far the most destructive. The Shadow Brokers have promised to release further vulnerabilities in the future, offering them to “subscribers” willing to pay $10,000 (£7,850) a month for the privilege.

The new patches fix 16 vulnerabilities, of which 15 are ranked by Microsoft as critical. Craig Young, security researcher at infosec firm Tripwire, said: “Anyone still using Windows 2003 or XP should install these patches ASAP with the expectation that they will be actively exploited in the near term. This move may indicate that Microsoft has been made aware of exploits that may be pending imminent release from the Shadow Brokers.

“WannaCry was orders of magnitude smaller than some successful malware campaigns of the past,” Young added. “We may not be so lucky the next time this happens.”

But some criticised the move, arguing that continuing to support older versions of Windows was just delaying the inevitable. Peter Bright, from technology site Ars Technica, said: “patching is the wrong decision: it sends a clear message to recalcitrant corporations that they can stick with Windows XP, insecure as it is, because if anything too serious is found, Microsoft will update it anyway … Every time an organisation resists upgrading to Microsoft’s latest operating system, it jeopardises its own security.”

The WannaCry outbreak led to criticisms of the NHS for the widespread use of outdated software across the health service. Windows XP was not affected by the malware (although the operating system is weak to the EternalBlue exploit, WannaCry itself persistently crashed before managing to encrypt drives), but a number of the affected systems were running Windows Vista, a slightly newer unsupported version of the operating system.

Guardian:       Mail:

You Might Also Read:

Ignoring Software Updates…:

UK Cyber Chief: Company Directors Are Devolving Responsibility For Hacks:

 

« US Presidential Election Hacks Revealed
Impact Of AI On UK Jobs Divides Opinion »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CDW

CDW

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada.

Voyager Networks

Voyager Networks

Voyager Networks is an IT solutions business with a focus on Enterprise Networks, Security and Collaborative Communications.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

Nextcloud

Nextcloud

Nextcloud offers offers solutions to the combined need of security and ubiquitous access to data and collaboration technology.

Norwest Venture Partners (NVP)

Norwest Venture Partners (NVP)

Norwest Venture Partners offer entrepreneurs a broad range of services to help them build their businesses at every stage of growth. Key sectors include AI, Infrastructure, SaaS and Security.

Base Cyber Security

Base Cyber Security

Base Cyber Security is an information and cyber security talent service provider and career specialist.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Fasken

Fasken

Fasken is one of the largest business law firms in Canada and a recognized leader in privacy and cybersecurity law.

Dectar

Dectar

Dectar (formerly 4Securitas) is a cybersecurity company that provides solutions that predict, detect, defend and react against cybersecurity threats.

Node4

Node4

Node4 provide advanced, cloud-led digital transformation solutions, delivered with technical expertise, innovation and exceptional service to drive your business forwards.

Gunnison Consulting Group

Gunnison Consulting Group

Gunnison Consulting Group serves the Federal Government with high quality IT consulting services.

ESProfiler

ESProfiler

Enterprise Security Profiler. Empowering CISOs with clarity & confidence in their security programme by visualising capabilities, usage and spend against their key threat priorities.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.

Harmonic Security

Harmonic Security

Harmonic Security helps companies to adopt Generative AI without risking the security and privacy of their data.