CCleaner Community Forums
hazelnut

Emergency update for XP from Microsoft


In order to protect XP users from the vulnerability which led to the worldwide Ransomware attack yesterday, Microsoft has created a patch for download for XP machines.

 

 https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

 

Other OS's that haven't yet done their Windows Updates should do so NOW!! The patch for this was in March Windows Updates.

 

 

We also know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download (see links below).


Thanks Hazelnut, that information has been shared.

 

Bit of a surprise move with the XP update.

 

There again knowing these big organisations, like the NHS, the IT department will want to 'evaluate' it for a couple of months before installing it on anyone's machine.

It is the main reason that these big organisations are always the ones that get hit, they take months to apply security updates.

 

It's the same with Windows 10, only one version can block automatic security updates-

Windows 10 Enterprise, only used by the big organisations.


Apparently 90% of the NHS is still on XP. They have that version which, for a price, Microsoft supplied updates for.

 

Problem is, as far as I can gather, the Government stopped paying for the updates after 2014.

 

 

“NHS trusts have been running thousands of outdated and unsupported Windows XP machines despite the government ending its annual £5.5m deal with Microsoft, which provided ongoing security support for Windows XP, in May 2015,”

 

https://www.theguardian.com/society/2017/may/13/jeremy-hunt-ignored-warning-signs-before-cyber-attack-hit-nhs

 

Everyone should fully update their machines as soon as possible no matter what operating system they use.

 

 (The XP patch is small, easy to install, needs a reboot and doesn't change any system settings such as turning win updates back on)


Yes, last night I was talking to a friend who is a medical secretary at the local hospital.

 

She got a BSOD at about 11:30 yesterday morning, and was sent home at lunchtime.

 

Her XP machine is due to get updated (in six months or so) - to Windows 7 which will be out of support again in a couple of years.

 

OK it will cost a lot to get the whole NHS up to date, but maybe the cost of the work they'll have to do this weekend would have paid for a lot of it.

 

Will see her again tonight, it'll be interesting to see what she did at work today. LOL.


- Well, and the NHS is "swimming in the money", right ?? Seems they don't have the money to switch to a newer OS.

- Yes, I have updated my Win 7 system with that March update and I don't open suspect emails. So, I should be fine.


- But Vista was already covered in the March 2017 patch up update. Because support for Vista was dropped after April of 2017.

- Win 8 (NOT Win 8.1 !!!) wasn't covered as well.

 

My info came from this article:

https://www.bleepingcomputer.com/news/security/microsoft-releases-patch-for-older-windows-versions-to-protect-against-wana-decrypt0r/

. . .

Everyone should fully update their machines as soon as possible no matter what operating system they use.

 

 (The XP patch is small, easy to install, needs a reboot and doesn't change any system settings such as turning win updates back on)

 

Good advice, thank you.  Did so here on xp.  First made an image backup & a registry backup.  The patch was quick & easy like you said. 

 

One thing I was worried about was Powershadow, since it makes some changes deep in the boot sector on xp, but it is still working just fine. 

 

I saved those updates on a USB stick for easy transportation. 


On Windows XP the update replaces the following files with new versions:
C:\WINDOWS\system32\xpsp4res.dll
C:\WINDOWS\system32\DllCache\srv.sys
C:\WINDOWS\system32\DRIVERS\srv.sys


- Microsoft is not "too happy" with the NSA's action/neglect regarding this vulnerability in the Windows OS.

 

https://mishtalk.com/2017/05/14/microsoft-blasts-nsa-cia-for-stockpiling-vulnerabilities-criminal-negligence-by-nsa/

https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/#sm.00001qetxt6r5scz1teqfe8tvxalo

 

- Didn't MS know that there are large organisations (like the NHS) that are still using the XP OS ?


Didn't MS know that there are large organisations (like the NHS) that are still using the XP OS ?

Yes they knew, and have been warning them for years that XP was no longer secure.

 

The NHS / UK Government (and plenty of others) chose to ignore the warnings, with inevitable results.

 

You can't expect MS to keep supporting an outdated product, for free, just because someone refuses to get a newer product.

 

(There is probably some government bigwig sat in a comfy office saying right now- "We don't need to do anything, MS provided a free patch so we are safe now").


I don't understand why a government would even use Windows (especially Win10 with its built-in keylogging). One would think they'd use Linux to eliminate a lot of malware issues, etc., then they could periodically scan with something like ClamAV just to be safe.


Two years ago the DWP were advertising jobs for 'retired' programmers to help keep their 1970's Fortran and Cobol routines 'up to date'.

They were also looking for people with Primos and Unix experience.

 

Guess those systems are pretty safe from today's teenage hackers who've probably never heard of Primos.


- Microsoft is not "too happy" with the NSA's action/neglect regarding this vulnerability in the Windows OS.

. . .

 

A bit different slant on the situation.

https://www.theregister.co.uk/2017/05/16/microsoft_stockpiling_flaws_too/


- Ransomware on my washing machine. LOL

- But this kind of photoshopping does highlight the vulnerability of the "Internet of things" to outside "attacks". (There was a discussion on this topic here on this forum).


Thanks, Hazel. I've got one old XP machine that I maintain for my elderly father-in-law. Downloaded & installed the update.


And still another slant on the situation.  :)

https://www.bleepingcomputer.com/news/security/over-98-percent-of-all-wannacry-victims-were-using-windows-7/

Still the original post is MUCH appreciated. It was timely and necessary.

All the talk at the time pointed to win xp, and I am sure glad to have patched this old box. 


I think there is much more to come about this, and like login said, it's better that we are all patched from that old protocol anyway.

 

(how do they know all these exact figures anyway?)
