Today's release of security updates for Windows XP, Windows 8 and Windows 8.1 signals an about-face by Microsoft. In the wake of the WannaCry outbreak, the intention was to stem the spread of a virulent and damaging ransomware attack. But should the company keep patching an operating system that has been out of mainstream support for over eight years and extended support for three?
Following the recent WannaCry ransomware outbreak, Microsoft issued patches to the new unsupported Windows XP in order to rectify the vulnerabilities that WnnaCry exploited. Today, they have gone further issuing some further security patches as part of this month't Update Tuesday releases.
With WannaCry garnering a lot of attention over the last few days, it's easy to forget that the root cause of the damage it wreaked is still out there. The vulnerability it exploited was a weakness in Windows' file-sharing protocol. And while the threat of WannCry has been largely contained, if the vulnerability, dubbed EternalBlue by the NSA, remains unpatched, it can be exploited by others. And that's something being identified in the wild.
Krebs on Security reports that the WannaCry ransomware attack has netted the bad guys a total of just US$26,000. That might not sound like much, but it's probably a drop in the ocean compared to what it has cost businesses around the world.
There's been so much noise regarding the "WannaCry" ransomware that it can be difficult to get a straight answer about what it does and how to fix (or avoid) it. Fortunately, Gold Coast-based Microsoft security MVP Troy Hunt has been able to shed some light on the situation for those in the dark.
