Microsoft rolls out patch for older Windows systems to stop the spread of malware like WannaCry – Science Story


Microsoft has issued a patch for some of its older systems to fix a vulnerability that could allow malware to spread in a similar way to the 2017 WannaCry attack.

WannaCry affected computers in at least 74 countries, including Russia, Turkey, Germany, Vietnam, and the Philippines.

It exposed a vulnerability in computer systems and was spreading at a rate of up to five million emails an hour.

Many of the computers were either infected or had to be turned off as a precaution. 

The fix is one of a range of patches issued by the computing giant to repair systems it has since stopped supporting, such as Windows 7 and XP. 

The vulnerability allowed hackers to access the system remotely and spread malware – in a similar way to WannaCry.


Microsoft says the vulnerability affects a part of the Remote Desktop Services feature on some previous versions of Windows.

This could allow devastating malware attacks to pass from vulnerable computer to vulnerable computer, as WannaCry did. 

Updates were released to cover 79 vulnerabilities, with 19 being classified as critical, according to Microsoft.

Issuing a fix to old systems is a drastic step and hints at the level of severity that the vulnerability posed. 

Windows XP was a wildly popular operating system released almost 18 years ago and has been replaced in several forms in the intervening years, including 7, Vista and 10. 

WannaCry notably hit parts of the NHS in May 2017, disrupting 80 trusts across England alone.

The NHS was forced to cancel almost 20,000 hospital appointments and operations as a result of the hack, while five A&E departments had to divert patients to other units.

Simon Pope, Microsoft’s director of incident response, said it had found ‘no exploitation’ but warned it is ‘highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware’.

He added: ‘It is important that affected systems are patched as quickly as possible to prevent such a scenario from happening.’

The flaw affects devices running Windows XP and Windows 2003, as well as Windows 7, Windows Server 2008 R2, and Windows Server 2008 – which are still currently supported.

Microsoft’s most recent operating systems, Windows 8 and Windows 10, are unaffected.

Renaud Deraison, CTO and Co-Founder of Tenable, told MailOnline: ‘This month’s Patch Tuesday fixes a number of security issues – more notably a major security issue in Remote Desktop.

‘Remote Desktop is a component of Windows that is often enabled in the enterprise and allows users to connect to their system remotely. 

‘A Shodan survey also shows it’s very often directly connected to the internet. This vulnerability is critical and is a prime candidate to be used by another wave of ransomware in the near future.’

