![]() ![]() ![]() “Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly.” “Our decision today to release these security updates for platforms not in extended support should not be viewed as a departure from our standard servicing policies,” said Eric Doerr, general manager of the Microsoft Security Response Center. Microsoft said this is a rare decision and encouraged admins to apply the critical updates. Microsoft said that customers with automatic updates enabled are protected and would not have to take additional action to receive these updates. These security updates are being made available to all customers, including those using older versions of Windows.” “To address this risk, today we are providing additional security updates along with our regular Update Tuesday service. “In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations,” Hall said. “Due to the elevated risk for destructive cyber attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt,” said Adrienne Hall, general manager of Microsoft’s Cyber Defense Operations Center. Microsoft had to scramble as WannaCry made its way around the globe to release an emergency update late in the evening of May 12 for Windows XP and Windows 8 machines, easing any potential pain for unsupported versions of Windows EternalBlue, the NSA exploit in question, targeted SMB running on Windows XP and Windows 7 computers. Microsoft had pleaded with Windows admins to apply MS17-010, a security bulletin released in March, one month before the ShadowBrokers leaked a cadre of weaponized Windows exploits, but many did not take heed. The move is unusual and mimics a similar one made in the hours following WannaCry’s appearance on May 12 when hundreds of thousands of Windows machines worldwide were compromised and their data encrypted. Fearing destructive attacks precipitated by the availability of the nation-state exploits in the wild that spawned the WannaCry outbreak, Microsoft today announced that its Patch Tuesday updates would include fixes for older versions of Windows, including XP. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |