So far, UI untouched by 'WannaCry' ransomware cyberattack
- Author: Zachary Reyes May 18, 2017,
May 18, 2017, 23:42
Redmond, Wash. - In the wake of unprecedented worldwide cyberattacks, Microsoft has issued security updates for systems that haven't been supported in years.
"We are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003", wrote Phillip Misner security group manager at the Microsoft Security Response Center (MSRM), in a blog post. Microsoft Corp.is pointing its finger at the USA government, while some experts say the software giant is accountable too.
Ahead of the attack, Microsoft released a security update that fixes the exploited flaw on now supported Windows operating systems.
The "ransomware" cyberattack on companies and governments around the world has yet to victimize anyone at the University of IL, mostly because the UI bans outdated versions of the Windows operating system targeted by the virus.
Several sets of investigators have now reported tentative findings that suggest hackers linked to North Korea might have been involved with WannaCry.
By March, Microsoft had developed and distributed security fixes for the vulnerability.
Microsoft is unlikely to face legal trouble over the ransomware attack, according to legal experts.
"We don't know", Bossert said when asked who conducted the attack. Criminals used the NSA's leaked EternalBlue vulnerability to attack Windows machines with WannaCry ransomware. Another reason could be more internet-connected medical devices flooding into the healthcare industry, where hackers can take advantage of historically lax security on embedded equipments. "Eventually, constraints on cyber espionage may be necessary, but these would only work if everyone observed them, and there is reasonable doubt that China and Russian Federation would go along".
In April, a group known as Shadow Brokers leaked NSA tools that were used to attack and break into Windows computers.
"I very much doubt anyone would return your contact request, bearing in mind the attention that is now on this", he told the BBC.
Terming such cyber-attacks as a shared responsibility between tech companies and customers, the tech giant said, so many computers remained vulnerable even two months after the release of a patch. Microsoft seems to have fired the first salvo by pointing out the dangers of governments' "stockpiling of vulnerabilities" which can cause widespread damage.
Smaller businesses and home users should also: run a Windows Update, make sure their antivirus product is up to date to run a scan (if you don't have one, you can install one of the free trial versions), and back-up any important information. Use a reputable security software to prevent attacks in the future.
Because this attack is so contagious - it self-propagates, slithering from computer to computer without any human help - Microsoft decided it had to build a patch for that antique system too.