Microsoft | May 17, 2017 | Master3395
"Extremely unusual" steps to close safety holes.
Today, Microsoft went to the surprising step of sending a system update to 16 years old Windows XP, in an attempt to stop the WannaCrypt attacks that have ravaged the world since last afternoon.
Now, the injuries will be temporarily stopped after infecting around 130,000 machines, as security researchers have bought a domain as it checks before it installs.
However, it is expected that it will resume as soon as the attackers change this particular bit of the code.
On Microsoft's own blog post on defense against attack, they call the update to Windows XP "very unusual," but it is sent out to fight a serious threat.
In addition, Windows 8 and Windows Server 2003 are updated with the latest Microsoft patch that seals the security gap like The Shadow Brokers unveiled in April.
Based on NSA vulnerabilities
These vulnerabilities are based on NSA's own hackers, and were sealed in Microsoft's "Supported Products" in March - but systems that are not updated or supported are still at risk and therefore this update is coming to these systems now.
Those who have not updated their systems are recommended to use Microsoft Security Bulletin MS17-010, and Microsoft has already updated Windows Defender to block the malware. In other words, it's a good idea to run Windows Update today.
Scattered through "phishing" attacks
It is not yet known how the first infections occurred but it is believed that the Trojan software was spread through "phishing" attacks on email with links that installed the "EternalBlue" program and the WannaCrypt malware.
Apparently, the malware should not even attempt to install on Windows 10, and focuses only on Windows 7/8 and earlier systems that are vulnerable to the attack.
Even without phishing attacks, the malware can scan vulnerable server components on unoppdatered Windows machines and infect them at a distance, which may be the way it spreads when it has first entered the inside of a network.
Keywords: Microsoft, security
Sources: Engadget, Microsoft1, Microsoft2