Why patching Windows XP forever won’t stop the next WannaCrypt


The WannaCrypt ransomware message.

The effects of the WannaCrypt ransomware attack were far-reaching. Europol dubbed it “the largest ransomware attack observed in history”, with more than 200,000 victims in 150 countries. Computer systems were knocked offline in hospitals across England, in European car plants, in Russian banks and in Chinese schools and colleges.

But does Microsoft have the power to mitigate the effects of a similarly devastating attack by changing how it patches old systems? On the face of it, it appears so.

In the aftermath of the WannaCrypt attack, Microsoft took the extraordinary step of patching Windows XP, Windows Server 2003 and other unsupported OSes, to fix the flaw that WannaCrypt exploited to infect systems.

However, supported versions of Windows had already received this same patch from Microsoft back in March. Had that patch been applied to unsupported versions of Windows at that time, it’s possible the scale of the WannaCrypt infection could have been significantly reduced, particularly as a single machine infected with WannaCrypt attempts to spread the ransomware to every machine on its network.

Obviously Microsoft hasn’t got the resources to patch every flaw in every operating system it’s ever released. The company told TechRepublic that, in this instance, it had taken the extraordinary step of patching unsupported operating systems ‘given the potential impact to customers and their businesses’.


But because of the huge consequences of outbreaks on the scale of WannaCrypt, shouldn’t Microsoft consider patching the most severe flaws, as defined by the Common Vulnerability Scoring System, in all operating systems, even those that have fallen out of support?

If it could curtail another major outbreak on the scale of WannaCrypt, isn’t it worth trying? After all, Microsoft has compared the vulnerability that WannaCrypt exploited to a Tomahawk missile. Such a move would also help shield those affected organisations that were unable to upgrade from older versions of Windows because newer versions weren’t supported by the specialised equipment they rely upon.

Writing in the New York Times, Zeynep Tufekci said this is precisely the sort of approach that Microsoft should take.

However, security experts point out that such a move could inadvertently worsen global IT security.

“The question whether Microsoft should proactively patch its unsupported operating systems against the most severe vulnerabilities is a very good one and not as simple as it may seem,” said Ziv Mador, VP of security research for SpiderLabs Trustwave.

“Clearly, once an attack of the magnitude we’re currently experiencing with WannaCry starts, it makes perfect sense for Microsoft to release patches also for the vulnerable end-of-life versions. It would be unwise to let the worm spread without releasing a patch because it clearly can help organizations and consumers protect themselves quickly and effectively.”

Unforeseen repercussions

But the unintended consequence of Microsoft proactively patching the worst bugs in old operating systems could be a greater number of individuals and businesses feeling it was safe to carry

Read Full Content at: Source TechRepublic
