Microsoft patches Windows XP to fight 'WannaCrypt' attacks

[Porthos]

https://www.engadget.com/2017/05/13/Microsoft-WindowsXP-WannaCrypt-NHS-patch/

Microsoft officially ended its support for most Windows XP computers back in 2014, but today it's delivering one more public patch for the 16-year-old OS. As described in a post on its Windows Security blog, it's taking this "highly unusual" step after customers worldwide including England's National Health Service suffered a hit from "WannaCrypt" ransomware. Microsoft patched all of its currently supported systems to fix the flaw back in March, but now there's an update available for unsupported systems too, including Windows XP, Windows 8 and Windows Server 2003, which you can grab here (note: if that link isn't working then there are direct download links available in the Security blog post).

 

[nlinecomputers]

If you can download it. M$ servers seem to be not responding right now.

 

[Porthos]

The XP one worked for me just now.
Download English language security updates: Windows Server 2003 SP2 x64, Windows Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64

 

[nlinecomputers]

I've managed to get all of them I need but it took several tries.

 

[Markverhyden]

They might be a tad busy at the moment.

 

[nlinecomputers]

They might be a tad busy at the moment.

There are reports that they are getting DDOS'd.

 

[Porthos]

Unless the entire world gets proactive on security instead of reactive this kind of stuff can put us back in the dark ages.

 

[nlinecomputers]

That costs money. A lot of the systems hit yesterday were Xp and Server 2003. Hence the patch. Yet Microsoft doesn't help by enabling these places. Your product is discontinued and not supported, yet you still get a patch.

 

[Porthos]

That costs money.

Yet Microsoft doesn't help by enabling these places. Your product is discontinued and not supported, yet you still get a patch.

Amen, Too bad internet providers couldn't just block all these machines from service. Problem fixed.
Yes, it is very expensive and sometimes actually impossible to get everyone up to date.

 

[Markverhyden]

Enterprise is a whole different story. It's not just the costs of the software, it the whole workflow thing as well. But this stuff is not what really worries me. It's IoT. Before that we had some comfort that the OEM's spent some time on securing stuff. That takes money and time. Now, with SoC's, WiFi and a few sensors any yahoo with an appliance can peddle it as Internet ready. What do garage door and refrigerator people know about security? Are they going to hire a contractor to audit the contractor they hired to do the work? Or just ship it out and hope for the best?

 

[GTP]

Enterprise is a whole different story. It's not just the costs of the software, it the whole workflow thing as well. But this stuff is not what really worries me. It's IoT. Before that we had some comfort that the OEM's spent some time on securing stuff. That takes money and time. Now, with SoC's, WiFi and a few sensors any yahoo with an appliance can peddle it as Internet ready. What do garage door and refrigerator people know about security? Are they going to hire a contractor to audit the contractor they hired to do the work? Or just ship it out and hope for the best?

IoT is designed to be cheap and easy to deploy, but if companies have to actually secure that IoT, then it isn't cheap any more nor is it easy to deploy.
Consumers don't know or even care as long as the price is right and it's easy to setup! They won't pay a premium even if the unit more secure!
Take modems as an example. People sign up to an ISP get a modem plug it in and forget it!

 

[overburnz]

going to download this now, it might come in handy, altough not many xp machines enter trough my door nowadays

 

[sapphirescales]

Debating whether or not to add this to my personal XP machine. Seeing as it never goes online, I suppose it doesn't really matter. Still, the thought of getting a patch for my XP system in 2017 makes me giddy. Like the good 'ol days all over again.

 

[JustInspired]

There goes my lazy Sunday. Patching Server 2008 and XP systems right now.

 

[NYJimbo]

Now that this exploit is out there it only takes a few tweaks to change it and a new phishing technique to be used so it can wreak havoc again. How many millions of XP boxes cannot even install the patch/fix because WU is broken, services disabled or something else prevents updates from working. Monday should be interesting.

 

[Your PCMD]

The website has encountered a problem
[Error number: 8DDD0010]
There is a problem with the page you are looking for, and it cannot be displayed.

 

[nlinecomputers]

The website has encountered a problem
[Error number: 8DDD0010]
There is a problem with the page you are looking for, and it cannot be displayed.

Keep trying. It took multiple tries for me to get all the patches I needed.