Microsoft patches XP again after "past and threatened nation-state attacks"

Share

Organizations that still use Windows Server 2003 got a surprise on June Patch Tuesday with a Microsoft security update for the unsupported server operating system.

A spokesperson for Microsoft said the decision to release the updates was "an exception based on the current threat landscape and the potential impact to customers and their businesses". Windows Vista is also included in this batch of security updates which Microsoft says should address the "elevated risk of cyberattacks by government organizations".

If you have automatic updates enabled and you're running a version of Windows Microsoft still supports, you don't need to do anything as Windows will download and install the updates automatically. As it turned out, most of the machines that were infected by WannaCry ran Windows 7. He went on to urge users to adopt new Microsoft products, which are significantly more resistant to exploits, and not to expect regular security fixes in the future.

Meanwhile Amol Sarwate, director of vulnerability research at Qualys, has warned system admins that this month's Patch Tuesday is a massive update and fixes more than double the number of vulnerabilities compared to the last two months.

Released in 2001, Microsoft ended support for XP in 2014, but it remained in wide use, including by organizations like the United States Navy, which paid $9 million for extended support.

More news: Gunfire at UPS hub leaves 4 people dead
More news: Residents refusing to evacuate Camden tower blocks told they 'must leave'
More news: Google wants to make your job search easier

In a blog post, Microsoft's general manager of the Security Response Centre Eric Doerr has emphasised that the additional security patches treats the system's vulnerabilities. That patch originally was released in March, but only for modern Windows versions. "Every time an organisation resists upgrading to Microsoft's latest operating system, it jeopardises its own security". This is the second month in a row Microsoft has issued patches for the redundant XP operating system.

WannaCry became one of the most successful ransomware precisely because it used exploits and tools stolen from the NSA, which also means that the NSA may have already been using those same capabilities for many years.

Microsoft says its decision to push-out to operating systems not now in extended support "should not be viewed as a departure from our standard servicing policies". In anofficial blog post, Adrienne Hall, General Manager, Cyber Defense Operations Center at Microsoft found that the three vulnerabilities in the Windows OS could prove to be detrimental for its users.

E3 2017: Microsoft has unveiled the Xbox One X Formerly Known as Project Scorpio - 06/12/2017 08:30 AMMicrosoft unveiled the Xbox One X, a new Xbox console aimed at gaming in 4K quality.

Share