Microsoft warns of 'elevated security risk' while releasing new software updates

Microsoft warns of 'elevated security risk' while releasing new software updates

Microsoft received a lot of criticism after releasing a patch for Windows XP for the EternalBlue exploit well after releasing it for Windows 7, 8 and Windows 10 and well after the WannaCry attack started. Patches for these operating systems are rare since they both reached their end-of-life many years before, and Microsoft has officially stopped providing security updates for both OS versions.

Now, Microsoft is taking an unprecedented step to patch more vulnerabilities in Windows XP and other older, unsupported Windows releases as part of its regular Patch Tuesday updates.

At the time, Microsoft released updates for software it no longer supports, which was an unexpected move.

Microsoft warned that some the flaws posed an "elevated risk" of "destructive cyber attacks" by nation-state actors. There has been speculation that The Shadow Brokers, a group that leaked the NSA exploits, tipped Microsoft in advance to the previous exploits.

Hall said the WannaCry/WannaCrypt ransomware campaign last month served as an all too real example of the danger of cyber attacks to individuals and businesses. "We are committed to ensuring our customers are protected against these potential attacks and we recommend those on older platforms, such as Windows XP, prioritize downloading and applying these critical updates". "Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly".

Given what WannaCry followed the EternalBlue fix by only a month we would encourage our readers to make sure their PCs are patched, no matter what version of Windows it runs.

Microsoft is quick to point out in a Technet post about the updates that this should not be interpreted as a departure from standard servicing policies.

Related Articles

  • Xbox One X set for November worldwide release

    Speaking with IGN , Spencer said that the studio did consider multiple names for Project Scorpio before settling for Xbox One X . But from the system's official reveal, Microsoft has a pricey console whose power isn't being fully utilized by developers.

    North Korea threatens to strike New York

    Local officials had to restore the camera because it was initialized, or formatted, by the time they got it. The article continued it was "another heavy crime and unpardonable pro-U.S. act of treachery".
    Golden State reclaims title with a most Warrior-like run

    Golden State reclaims title with a most Warrior-like run

    But it's not as if the Cavs can go out and get Russell Westbrook, Durant's old running mate in Oklahoma City. For those guys in the Hamptons recruiting Durant that day and all the others, they can't wait for more.
  • Donald Trump breaks Twitter silence after Comey testimony, declares 'total vindication'

    Comey said he considered Trump's request to drop the Flynn investigation, a day after Flynn was sacked , to be a "directive". Kasowitz attacked Comey after his testimony for leaking what he called "privileged communications" to the media.
    Tearful Kathy Griffin says she won't stop criticizing Donald Trump

    Tearful Kathy Griffin says she won't stop criticizing Donald Trump

    The outcry against the comedian continues to grow with at least four venues announcing that they had canceled her performances. At a rambling press conference on Friday, Griffin tearfully predicted her career was over and said Mr Trump "broke me".
    Georgia releases names of slain prison guards

    Georgia releases names of slain prison guards

    Georgia Governor Nathan Deal said the officers' courage would not be forgotten and vowed to bring their murderers to justice. Sills said the slayings and escape happened on state Highway 16 between Eatonton and Sparta, southeast of Atlanta.
  • UAE newspaper says fake site impersonated it

    The joint base in Qatar was established in 2016 and is not fully staffed. Some observers believe the Saudi-led move has USA backing.
    John Major says Tory-DUP deal could threaten Northern Irish peace process

    John Major says Tory-DUP deal could threaten Northern Irish peace process

    His remarks came as the faltering talks process took another effective pause, only 24 hours after it resumed. Sinn Fein, the SDLP and Alliance insist Mr Brokenshire can not chair the efforts to restore powersharing.

    De Villiers to lead South Africa in England T20s

    I have not thought about what we are going to think about our next tournament. We are asking everyone to do it and everyone is responding really well.
  • House Committee Subpoenas Flynn, Cohen; Comey to Testify

    Adam Schiff of California, said Nunes approved the unmasking subpoenas without consulting the Democrats on the committee. The action to issue the unmasking subpoenas "would have been taken without the Minority's agreement".

    UK leader holding alliance talks with NIreland party chief

    After months of disarray in the region, the DUP is seeking to reform the structure of its government and political process. A Downing Street source said the talks had been "constructive" but refused to put a timescale on when they would conclude.

    DUP meet May in London as concern grows about implications for Stormont

    The deal also prompted Irish premier Enda Kenny to warn that such an alliance could upset Northern Ireland's fragile peace. The two are proposing penalties including fines against technology companies that fail to remove extremist content.