Microsoft releases new update amid concerns over state-sponsored attacks

Wednesday, 14 Jun, 2017

Last month, Microsoft was forced to release patches for its ancient Windows XP operating system following the 'WannaCry' ransomware attack.

Microsoft took the unusual step of patching Windows XP last month in response to WannaCry, however most of the affected systems were running Windows 7 without the already available patch.

In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyberattacks by government organizations, sometimes referred to as nation-state actors, or other copycat organizations. Patches for these operating systems are rare since they both reached their end-of-life many years before, and Microsoft has officially stopped providing security updates for both OS versions.

The Redmond, Wash. company cited fears of possible attacks by "nation-states", a label for government-sponsored hackers or foreign intelligence services, for the updates' release.

Cosby accuser to resume testimony in sex assault trial
As he did at the Justice Department, Wray specializes in white collar and corporate fraud cases, only now as a defense attorney. In an early morning two-sentence tweet, Trump said he meant to nominate Wray, a high-ranking official in George W.

As we've become accustomed to Microsoft, the company didn't say which of these KBs patched the three flaws exploited by the NSA hacking tools. The patches for all Windows versions will be available via Microsoft Download Center and Windows Update.

Part of the reason why WannaCry was so successful was because numerous facilities attacked - like hospitals and businesses - had not updated their software to patch the holes.

Microsoft warned that today's release for XP "should not be viewed as a departure from our standard servicing policies", due to the seriousness of the threat from what is believed to be government organisations. There has been speculation that The Shadow Brokers, a group that leaked the NSA exploits, tipped Microsoft in advance to the previous exploits. Hall also noted that the additional updates were distributed to all versions of Windows, not just those previously retired. Opponents of today's move-and of the May 12 emergency update-contend that these concessions on Microsoft's part to provide these types of updates will allow organizations to rationalize staying on unsupported versions of Windows.

By Ars' count, Tuesday is only the third time in Microsoft history that the company has issued free security updates for a decommissioned product.