Microsoft issues WannaCry cyber attack patch, How to protect from WannaCry, Ransomware WannaCry, Microsoft Security Patch WannaCry, Microsoft WannaCry cyber attack patch – UK hospitals, Telefonica, FedEx, and other businesses were hit by a massive ransomware attack on Friday. Around 75,000 computers in 99 countries were affected by malware known as WannaCry, which encrypts a computer and demands a $300 ransom before unlocking it. The malware was able to spread thanks to flaws in old versions of Windows that were originally used by the NSA to hack into PCs before being made public by the Shadow Brokers group last month.
While Microsoft quickly issued fixes for the latest versions of Windows last month, this left Windows XP unprotected. Many of the machines attacked today have been breached simply because the latest Windows updates have not been applied quickly enough, but there are still organizations that continue to run Windows XP despite the risks. Microsoft is now taking what it describes as a “highly unusual” step to provide public patches for Windows operating systems that are in custom support only. This includes specific fixes for Windows XP, Windows 8, and Windows Server 2003.
Microsoft usually charges businesses to provide custom support agreements for older versions of Windows, which include critical and important software updates from Microsoft beyond the normal end of extended support point. “Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful,” explains Phillip Misner, a security group manager at Microsoft. “Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only.”
It’s an unusual move for Microsoft, but this security flaw and the way it was discovered and made public is equally unusual. There are now signs that the ransomware attack has subsided thanks to a kill switch, discovered by a 22-year-old in the UK. Some experts believe the attackers behind the ransomware have only raised around $20,000 from the scam. Either way, this is yet another painful security lesson for everyone involved. Exploits should be disclosed by government agencies, systems should be patched in a timely manner, and nobody should be running an old supported version of Windows.
Microsoft says it has already patched the Windows exploits released by the Shadow Brokers group. The hacking tools, likely originating from the NSA, were released online yesterday, and Microsoft was able to test and confirm patches are already available for all currently supported versions of Windows. That does mean that older Windows XP or Windows Vista systems could still be vulnerable to three of the exploits released, but it’s unlikely that Microsoft will supply patches for these older versions of Windows as they’re already unsupported.
Microsoft’s response comes hours after unnecessary fear from several security researchers, including one who advised Windows users to turn off their machines for the weekend. Even NSA whistleblower Edward Snowden weighed in on the exploits, claiming that the “NSA did not warn Microsoft” about the leaked exploits. Microsoft itself seems to imply that the NSA didn’t warn the company. “Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers,” says a Microsoft spokesperson in a statement to Reuters.
However, one security researcher, the grugq, claims that the NSA may have actually reported some of the bugs themselves. While Microsoft always acknowledges the source of security flaw reports, the grugq noticed there are no acknowledgements for patches (MS17-010) issued last month that fix some of the leaked NSA exploits. It’s possible that The Shadow Brokers or another group / individual tipped Microsoft to them in advance. Microsoft mysteriously delayed its Patch Tuesday release in February by a month in an unprecedented move, blaming a “last minute issue”. March’s Patch Tuesday included fixes for these leaked NSA exploits.
Either way, if you’re running Windows 7 or above then you’re safe from this round of exploits as long as you’ve applied all updates from Windows Update. If you’re still running Windows XP or Windows Vista then it’s time to look at something more modern as you’re open to these security flaws and many more that will remain unpatched and exploited.