Cyber Security
Microsoft issues WannaCry cyber attack patch
https://www.ft.com/content/348d4f7a-3808-11e7-821a-6027b8a20f23
Cyber attack exploited vulnerability in ‘retired’ software that is still in use
MAY 14, 2017 by: Richard Waters in San Francisco
Microsoft has taken the rare step of issuing a fix for versions of Windows it had previously “retired”, in an attempt to halt the global spread of the malware that hit the UK’s National Health Service on Friday.
Though technically no longer supported by the company, the software — including the once highly popular Windows XP — is still in use on some PCs, leaving users exposed to attacks. Just under 5 per cent of devices in the NHS still run XP, according to NHS Digital.
The world’s biggest software company released the patch, or repair, late on Friday night in the US, after a flaw in Windows was found to provide the door through which the malicious code had infiltrated computers across the globe.
Microsoft usually drops support for older versions of Windows — meaning it no longer releases repairs for problems that are found in the software — after a decade or more.
Support for Windows XP ended in 2014, 12 years after the software was introduced. But an estimated 7 per cent of the world’s PCs still run on the software, according to NetMarketShare. With more than 1bn PCs believed to be in use, that amounts to about 70m machines.
Dropping support for older code is common among software companies as they shift attention and resources to newer versions of their products, and security researchers say it is up to users to make sure they only use technology that is still supported.
“If you want to drive around in an unsafe car, that’s your decision,” said Avivah Litan, an analyst at Gartner.
While not acknowledging any failure on Microsoft’s part for the havoc wreaked by the WannaCry computer worm, Phillip Misner, a Microsoft security expert, said in a blog post that the company had found it “painful” to see so many customers affected.
The flaw in Windows first came to light in March, when a leak of cyber weapons developed by the US National Security Agency included code that took advantage of the previously unknown problem.
Microsoft issued a patch at the time that could be applied to current versions of Windows, and Mr Misner said that would have protected users against WannaCry, provided they installed the fix on their machines.
Overnight on Friday, Microsoft said it had taken the “highly unusual step” of issuing a new patch, this time designed to work with unsupported versions of its operating system. The fix is designed for Windows XP, as well as Windows 8 — support for which ended in 2016, only four years after the code was launched — and Windows Server 2003.
While the lack of support for old versions of Windows provided one easy route for the ransomware, security experts said its spread probably owed much more to the failure of many organisations and individuals to apply the latest patches to their machines.
“The issue is, companies don’t invest enough in security, and they don’t give their security people senior roles,” said Ms Litan. “Companies can take some pretty easy steps to prevent this.”
The rapid spread of the WannaCry malware recalled the first widespread attacks on networks of PCs, when computer “worms” such as Melissa, in 1999, first exposed weaknesses in Windows.
The latest exploit differs in being used to plant ransomware — software that freezes a computer unless the user pays a ransom — and in being designed to propagate rapidly, according to security experts.
“It’s probably the worst we’ve seen in a very, very long time,” said Mounir Hahad, a senior director at Cyphort Labs. “This has a means of spreading so fast to a lot of organisations — and then horizontally, within organisations.”









