Microsoft Issues Windows XP Security Updates for Previously Ignored NSA Hacking Tools

In a blog post issued on Tuesday, Eric Doerr, general manager of the Microsoft Security Response Centre, made no mention of the NSA or Shadow Brokers, but wrote: "Today, as part of our regular Update Tuesday schedule, we have taken action to provide additional critical security updates to address vulnerabilities that are at heightened risk of exploitation due to past nation-state activity and disclosures".

The company said that it would also release patches for Vista and all other operating systems, both supported and unsupported, because of the "elevated risk" from the WannaCry attacks.

Microsoft warned that some the flaws posed an "elevated risk" of "destructive cyber attacks" by nation-state actors.

Hall said the WannaCry/WannaCrypt ransomware campaign last month served as an all too real example of the danger of cyber attacks to individuals and businesses.

The three exploits that were patched this month for older systems like Windows XP, are known as EnglishmanDentist, EsteemAudit and ExplodingCan.

Microsoft distributed the updates in addition to this month's "Patch Tuesday", the security updates Microsoft rolls out each month. The patches for all Windows versions will be available via Microsoft Download Center and Windows Update. None of those exploits work on supported versions of Windows. "Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly".

Microsoft tagged last month's malware as "WannaCrypt;" most settled on the alternate "WannaCry" as the name.

At the time, Microsoft released updates for software it no longer supports, which was an unexpected move.

In April, the same group, which presents itself as a skilled adversary to NSA hackers, released the password to an encrypted file containing the Windows SMB file-sharing exploit that was subsequently used to make WannaCry wormable.

Microsoft does caution that just because it has released these security patches for the outdated versions of Windows, it doesn't mean that it's actively supporting those iterations yet again.

  • Carolyn Briggs