Microsoft Patches Windows XP to Protect Against Nation-State Attacks

After Microsoft took the unprecedented step of releasing patches for Windows XP following last month’s WannaCry attacks, the software maker has released additional updates for all of versions of Windows.

While determining June’s security update for the Windows operating system, Microsoft learned of vulnerabilities which they say posed ‘an elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations.”

As a result, Microsoft is making June’s security updates available to all of its customers, including those using older versions of its popular operating system, Windows.

“We are providing additional security updates along with our regular Update Tuesday service,” stated Microsoft’s general manager at its Cyber Defense Operations Center Adrienne Hall.

She added:

 Due to the elevated risk for destructive cyber attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt. 

Essentially, these updates will be downloaded automatically for currently supported versions that include Windows 7, 8.1 and 10, as well as enterprise software in Microsoft Server versions between 2008 and 2016. For older versions of Windows that are no longer supported, users will be required to download and install these patches manually. Unsupported versions include Windows XP, Vista, 8 or Server 2003.

“The best protection is to be on a modern, up-to-date system that incorporates the latest innovations,” Hall wrote. “Older systems, even if fully up-to-date, lack the latest security features and advancements.”

The decision to release these patches, while understandable, has seen criticism from some quarters.

“[I]t sends a clear message to recalcitrant corporations that they can stick with Windows XP, insecure as it is, because if anything too serious is found, Microsoft will update it anyway,” wrote Ars Technica’s Peter Bright in an editorial.

He argued that Microsoft’s decision has undermined the efforts of IT technicians and staff, globally, to forego the ancient operating system in order to upgrade to newer, regularly supported versions of Windows.

Image credit: Flickr.