In the wake of the "WannaCry" ransomware attack, Microsoft on Tuesday issued a "highly unusual" patch for Windows XP to help prevent the spread of the malware that infected at least 75,000 computers globally.
"In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyberattacks by government organisations, sometimes referred to as nation-state actors, or other copycat organisations," The Verge quoted Adrienne Hall, general manager of crisis management at Microsoft, as saying.
"To address this risk, today we are providing additional security updates along with our regular Update Tuesday service. These security updates are being made available to all customers, including those using older versions of Windows," Hall added.
Microsoft said that it is releasing updates for Windows XP, Windows Vista and all other more recent unsupported and supported versions of Windows due to an "elevated risk" of attacks that are similar to the WannaCry malware.
The patches will be made available on Microsoft's Download Center or Windows Update.
The company’s move to release security updates for platforms that is doesn’t support anymore, it says, is an exception based on intelligence that led it to believe government organizations may use these new vulnerabilities to attack Windows systems. It says that it should not be seen as a departure from Microsoft’s servicing policies.
March’s security patches included fixes for hacking tools that were leaked from the NSA, and Microsoft didn’t acknowledge the source of the security flaw reports then either, reports Verge.
While it is not known who tipped Microsoft of potential hacks, speculation is rife that The Shadow Brokers, a group that leaked the NSA exploits, tipped Microsoft in advance to the previous exploits.
Users running on Windows XP will need to install the new patches immediately, even though XP wasn’t the worst affected by the first WannaCry attacks.
Verge reports that while almost all WannaCry victims were running Windows 7 without the latest security updates, it's not clear if these new attacks might target Windows XP more aggressively this time around.
(With inputs from IANS)
Image: bfishadow