In the wake of last month’s WannaCry malware outbreak, Microsoft has once again issued patches to programs it no longer supports, citing vulnerabilities in their code that could make them vulnerable to cyber attacks by nation-states or copycat organizations.
The patches come a month after the company issued patches for Windows XP computers to protect against WannaCry, despite its long-standing stance against updating older and unsupported versions of its Windows operating system.
Microsoft "Due to the elevated risk for destructive cyber attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt," wrote Adrienne Hall, general manager for Microsoft's cyber defense operations center. WannaCrypt is another name for the WannaCry ransomware.
The patches hit, as they have since 2003, on the second Tuesday of the month at 10 a.m. Pacific time, when Microsoft makes security and other fixes to its programs available for users who aren't signed up for automatic updates – what's known as "Patch Tuesday."
Up until now, only customers who paid hefty fees could continue to get any support for older programs such as WindowsXP and Windows 8.1.
The release of the WannaCry malware, which seized files on hundreds of thousands of computers with demands for ransom, forced it to change its approach. The company made available patches that protected against WannaCry despite its long-standing stance against providing patches for unsupported programs.
The decision to offer patches to long-gone programs such as Windows XP, Windows 8 and Server 2003 is a tough one for the company, said Stephen Kleynhans, a research vice president at Gartner who looks at the enterprise PC market.
If the Redmond, Wash.-based company plays hardball and says it’s done with fixes and then something terrible happens, “they look like the bad guys. But if they do issue a fix, everybody who’s paying is mad at them,” he said.
The patches come a month after the company issued patches for Windows XP computers to protect against WannaCry, despite its long-standing stance against updating older and unsupported versions of its Windows operating system.
Microsoft "Due to the elevated risk for destructive cyber attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt," wrote Adrienne Hall, general manager for Microsoft's cyber defense operations center. WannaCrypt is another name for the WannaCry ransomware.
The patches hit, as they have since 2003, on the second Tuesday of the month at 10 a.m. Pacific time, when Microsoft makes security and other fixes to its programs available for users who aren't signed up for automatic updates – what's known as "Patch Tuesday."
Up until now, only customers who paid hefty fees could continue to get any support for older programs such as WindowsXP and Windows 8.1.
The release of the WannaCry malware, which seized files on hundreds of thousands of computers with demands for ransom, forced it to change its approach. The company made available patches that protected against WannaCry despite its long-standing stance against providing patches for unsupported programs.
The decision to offer patches to long-gone programs such as Windows XP, Windows 8 and Server 2003 is a tough one for the company, said Stephen Kleynhans, a research vice president at Gartner who looks at the enterprise PC market.
If the Redmond, Wash.-based company plays hardball and says it’s done with fixes and then something terrible happens, “they look like the bad guys. But if they do issue a fix, everybody who’s paying is mad at them,” he said.
Popular
Tags
Videos
0 comments:
Post a Comment