WannaCry attacks prompt Microsoft to release Windows updates for older versions

The new patches include updates to Windows XP. Photograph: Jeff Christensen/Getty Images

Microsoft has released new security updates for older versions of Windows as it warns of potential cyber-attacks by government organisations.

The patches include updates to Windows XP, the operating system that was targeted by the WannaCry ransomware attack in May that attacked parts of the NHS and other companies worldwide.

Typically, Microsoft only issues updates for its operating systems that are still supported – for consumers, that means Windows 7 and newer (with the exception of Windows 8, which is meant to be covered by the free upgrade to Windows 8.1). But in the wake of the WannaCry outbreak, which saw a ransomeware worm take advantage of un-patched versions of windows to encrpyt millions of computers worldwide, Microsoft is reassessing that policy.

“Due to the elevated risk for destructive cyber-attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt [alternative name to WannaCry],” Adrienne Hall, the head of Microsoft’s Cyber Defense Operations Center, said.

Although Microsoft has not said what characteristics of the new vulnerabilities have led it to believe there is the potential for state-sanctioned attackers, the WannaCry reference has led security experts to conclude that the company is referring to leaked NSA hacking tools, released online by an entity calling itself The Shadow Brokers. The Shadow Brokers were responsible for releasing the vulnerability, referred to by the NSA as EternalBlue, which led to WannaCry being able to replicate itself and do so much damage internationally.

WannaCry on a laptop
FacebookTwitterPinterest
Microsoft is worried about another WannaCry-style attack. Photograph: Ritchie B. Tongo/EPA

WannaCry wasn’t the only malware that used EternalBlue to spread, but it was by far the most destructive. The Shadow Brokers have promised to release further vulnerabilities in the future, offering them to “subscribers” willing to pay $10,000 (£7,850) a month for the privilege.

The new patches fix 16 vulnerabilities, of which 15 are ranked by Microsoft as critical. Craig Young, security researcher at infosec firm Tripwire, said: “Anyone still using Windows 2003 or XP should install these patches ASAP with the expectation that they will be actively exploited in the near term. This move may indicate that Microsoft has been made aware of exploits that may be pending imminent release from the Shadow Brokers.

“WannaCry was orders of magnitude smaller than some successful malware campaigns of the past,” Young added. “We may not be so lucky the next time this happens.”

But some criticised the move, arguing that continuing to support older versions of Windows was just delaying the inevitable. Peter Bright, from technology site Ars Technica, said: “patching is the wrong decision: it sends a clear message to recalcitrant corporations that they can stick with Windows XP, insecure as it is, because if anything too serious is found, Microsoft will update it anyway … Every time an organisation resists upgrading to Microsoft’s latest operating system, it jeopardises its own security.”

The WannaCry outbreak led to criticisms of the NHS for the widespread use of outdated software across the health service. Windows XP was not affected by the malware (although the operating system is weak to the EternalBlue exploit, WannaCry itself persistently crashed before managing to encrypt drives), but a number of the affected systems were running Windows Vista, a slightly newer unsupported version of the operating system.

PS4-Exclusive God of War Story and Release Date Revealed at E3 2017

PS4-exclusive God of War had a generous reveal at E3 2017. Not only did Sony show off a large chunk of gameplay, it also focussed on characters, bosses, and possible plot points.

Kratos’ son appears to be suffering from some kind of curse and he must embark with everyone’s favourite genocidal Greek on a journey that involves killing an assortment of monsters. God of War’s villain also makes an appearance, taunting Kratos, who is considered to be an outsider of the Norse realm wherein this game takes place.

PS4-Exclusive God of War Story and Release Date Revealed at E3 2017

God of War releases early 2018. Sony hasn’t given a concrete release date just yet. But if we take into account past releases in the franchise, you can expect it to be out in March. its unclear if the footage on display at the E3 2017 conference was on the PS4 or PS4 pro.

With Sony releasing the PS4 Pro after God of War’s reveal — which the developers state was done on a standard PS4, there’s always the temptation for developers to optimise the game for the newer, more powerful platform that is the PS4 Pro at the cost of skimping out on the existing one, which in this case is the original PS4. However this will not be the case with God of War. Revealed at E3 2016 after a fairly accurate leak, it seems that the game will run just fine on a regular PS4.

Safe to say there will be some additional visual enhancements for the PS4 Pro, but the fact that Barlog has stated it will run as it should on the PS4 should have many a PS4 owner sighing in relief.