Microsoft patches XP again after “past and threatened nation-state attacks”

Microsoft’s June Patch Tuesday security updates includes several patches for unsupported versions of Windows.

Microsoft is taking extra precautions in its June update following last month’s WannaCry ransomware outbreak and recent threats by The Shadow Brokers to dump more Windows vulnerabilities and exploits this month as part of its new subscription.

“Microsoft is announcing the availability of additional guidance for critical security updates, that are at heightened risk of exploitation due to past and threatened nation-state attacks and disclosures,” it said in an advisory.

Microsoft warned that some the flaws posed an “elevated risk” of “destructive cyber attacks” by nation-state actors. The updates are meant to shore up systems against “potential attacks with characteristics similar to WannaCrypt”, it said.

Some of the updates are new while others are for older platforms that would usually be restricted to customers on paid-for custom support agreements, but are being made publicly available.

Microsoft took the unusual step of patching Windows XP last month in response to WannaCry, however most of the affected systems were running Windows 7 without the already available patch.

Unsupported systems that will get today’s updates include Windows XP, Windows Vista, Windows 8, Windows Server 2003, or Windows Server 2003 R2. Most of the updates address critical remote code execution vulnerabilities. Some are for flaws fixed as late as May, while others date back several years.

Eric Doerr, general manager of the Microsoft Security Response Center encouraged all customers on these older platforms to update as soon as possible, but stressed Microsoft would not change its current support arrangements. In other words, don't expect further patches for XP in future.

Microsoft has provided guidance for users on these older systems here, which include the relevant bulletin, KB article reference, and an indication of whether the version of Windows is affected.

Microsoft doesn't specify what nation-state threats it's received. However the hacker group, TheShadowBrokers, last month vowed to release monthly dumps, including new Windows exploits that were stolen from a hacking team within the USNational Security Agency (NSA).

In April, the same group, which presents itself as a skilled adversary to NSA hackers, released the password to an encrypted file containing the Windows SMB file-sharing exploitthat was subsequently used to make WannaCry wormable.

In the wake of WannaCry, Microsoft's top lawyer slammed the NSA for "stockpiling"cyperweapons, comparing their theft to the military losing Tomahawk missiles to criminals.

Copyright © 2017 IDG Communications, Inc.

The 10 most powerful cybersecurity companies