Microsoft has issued patches for all of its older unsupported versions of Windows – including Windows XP and Vista – to protect these outdated operating systems from three NSA exploits (nastiness along the lines of the NSA-leveraged vulnerability which the WannaCry malware was built around).
The software giant did previously say that it wasn’t going to patch these holes in older incarnations of Windows, but now appears to have thought better of that policy.
The obvious fear is that with Shadow Brokers, the group which leaked the NSA exploit that powered WannaCry, promising to release more tools for hackers this month, Microsoft feels that the many Windows XP users still out there are potentially under major threat.
Of course, a precedent had already been set because Microsoft patched Windows XP against WannaCry when the ransomware broke out in rampant and high-profile fashion last month.
The trouble is, though, that these moves give users and businesses out there still running with Windows XP some measure of confidence that Microsoft is still protecting them, in an albeit limited manner.
And that’s a dangerous message to send to those plentiful folks who really should have upgraded a long time ago, given that XP is over three years past its sell-by-date in terms of patch support.
Microsoft said it took the action because there is an “elevated risk for destructive cyberattacks at this time”.
The patched flaws only affect older versions of Windows, incidentally, so there’s no need for those running the likes of Windows 7/8/10 to worry.
Microsoft stated: “It is important to note that if you’re running a supported version of Windows, such as Windows 10 or Windows 8.1, and you have Windows Update enabled, you don’t need to take any action.
“As always, we recommend customers upgrade to the latest platforms. The best protection is to be on a modern, up-to-date system that incorporates the latest innovations. Older systems, even if fully up-to-date, lack the latest security features and advancements.”