All Posts By

Alex Ioriati

Security patches for Windows XP – what they mean and what to do


Security patches for Windows XP were released earlier this year, an unusual and unprecedented step in the history of Microsoft.

The US company decided to publish security patches for Windows XP in an effort to protect users and businesses from the dangerous ransomware known as WannaCrypt, which has put thousands of computers and hundreds of companies around the world in check.

For this reason alone, the current security patches for Windows XP are amazing!


There is no doubt that the ransomware attack which occurred earlier this year was one of the biggest in our history. In passing, it has also demonstrated how vulnerable our systems are to this type of robbery.

The truth is that, although technology has progressed in a stellar way in recent times, many money dispensers continue to operate based on tremendously old software. This is one of the many probable reasons why Microsoft decided to launch security patches for Windows XP.

Considering that the final public infection count was 200,000 computers in more than a hundred countries, the metric comes just like a “thumbs-up” to those that thought their bank accounts couldn’t be compromised with this computer attack.

The truth is that only some very specific business organizations were affected by the attack, as the attack did not primarily target consumers (who have already mostly upgraded to newer operating systems).


It is not surprising that the release of this patch is extremely unusual since the base program has not had security support for quite some time already.

In this case, we can clearly see the maxim “desperate situations require desperate measures” being applied, for the truth is that no one really saw this tremendous attack coming.

Security patches for Windows XP should be maintained

It becomes extremely urgent to modernize our security and computer systems, especially in the case of ATMs, devices that even in 2017 are still operating under unsupported operating systems, thus requiring in many cases security patches for Windows XP.

This vulnerability came to light with the leak of National Security Agency (NSA) spy tools. Microsoft had already released a security patch for newer operating systems, but ignored those that were no longer covered by the security update guarantee.

Now, given the scope of the WannaCrypt attack, the company most likely decided to publish primarily security patches for Windows XP that protect against this vulnerability in computers using Windows XP, Windows 98 and Windows Server 2013.

The WannaCrypt ransomware has already hit thousands of computers in more than 100 different countries, such as the UK, Spain, Italy, Russia, Egypt and China, and part of the United States.

This massive hacking affected the computers of hundreds of companies such as Telefonica, Vodafone, Gas Natural or the British public health service.

The attack affected almost half of the world and it has been discovered that the code used contains parts that had already been used in the code of “Contopee”, developed by Lazarus Group in 2015.

This type of malicious software “hijacks” the data on infected PCs, encrypts it and then demands a ransom from the affected party so that they can retrieve it.

As we saw, this ransomware exploited a vulnerability that was already solved in the most current operating systems; however, there are still millions of computers on the planet with old systems and, worse, without any support. Most of them work with Windows XP.

Perhaps what sets this ransomware apart is its built-in network worm features: although it follows the classic mechanism of infection, once it sneaks into the host computer it also takes advantage of network connectivity and the vulnerability mentioned, transmitting itself across to networked computers very quickly.
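A defender's view of the worm behaviour described above, as an added example that is not part of the original post: it flags hosts that open SMB connections to many distinct peers within a short window. The log format, addresses, port constant and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

SMB_PORT = 445  # assumption: the worm's lateral movement shows up as SMB traffic on TCP 445

# Constructed sample flow records: "<ISO time> <source> <destination> <destination port>"
SAMPLE_FLOWS = """\
2017-06-01T09:00:00 10.0.0.5 10.0.0.9 445
2017-06-01T09:00:20 10.0.0.5 10.0.0.9 445
2017-06-01T09:00:30 10.0.0.23 10.0.0.31 445
2017-06-01T09:00:31 10.0.0.23 10.0.0.32 445
2017-06-01T09:00:32 10.0.0.23 10.0.0.33 445
2017-06-01T09:00:33 10.0.0.23 10.0.0.34 445
2017-06-01T09:00:34 10.0.0.23 10.0.0.35 445
2017-06-01T09:00:35 10.0.0.7 10.0.0.31 443
2017-06-01T09:00:36 10.0.0.7 10.0.0.32 443
2017-06-01T09:02:00 10.0.0.8 10.0.0.41 445
2017-06-01T09:05:00 10.0.0.8 10.0.0.42 445
2017-06-01T09:08:00 10.0.0.8 10.0.0.43 445
""".splitlines()

def parse_flow(line):
    """Split one flow record into (timestamp, source, destination, port)."""
    ts, src, dst, port = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port)

def smb_fanout(lines, window=timedelta(seconds=60), threshold=5):
    """Return {source: peak number of distinct SMB destinations seen within
    `window`} for every source whose peak reaches `threshold`."""
    recent = defaultdict(deque)  # source -> (timestamp, destination) pairs still in the window
    peak = defaultdict(int)
    for ts, src, dst, port in sorted(parse_flow(l) for l in lines if l.strip()):
        if port != SMB_PORT:
            continue  # only SMB connections count towards fan-out
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:  # drop connections older than the window
            q.popleft()
        peak[src] = max(peak[src], len({d for _, d in q}))
    return {s: n for s, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    print(smb_fanout(SAMPLE_FLOWS))
```

A client that talks repeatedly to one file server, or slowly to several, stays below the threshold; only the burst of connections to many peers is reported.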

Microsoft highlights that if you are a Windows 8.1 or Windows 10 user and you have automatic updates enabled, you do not have to worry about anything because these patches are automatically applied.

Windows XP has been one of the most popular and beloved operating system versions of all time. However, Microsoft had declared it obsolete a long time ago.

It should be noted that users of XP with versions without extended support should manually download and install the security patches for Windows XP from the official website.

Although Windows XP stopped receiving support in 2014, it seems that in the wake of the serious problems caused by the WannaCry ransomware, something has changed.

In the same way as in May, Windows XP has again received patches in the June release. As Microsoft itself cites, this is due to the imminent risk of cyber-attacks by government organizations that could exploit vulnerabilities corrected in supported operating systems but were left open in others such as Windows XP.

List of security patches for Windows XP

Microsoft has released updates to fix up to 96 vulnerabilities for Windows, Internet Explorer, Edge, Microsoft Office and Skype. The following are especially critical:

CVE-2017-8543 – A vulnerability in the Windows search engine: modified messages sent through SMB allow a remote elevation of privileges to take control of the machine.

CVE-2017-8464 – A vulnerability in Windows through which a malicious .LNK file would allow an attacker to gain user privileges on the machine. Remember not to work with admin users!

CVE-2017-0176 – Vulnerability in RDP servers with Smart Card functionality enabled. It allows an attacker to execute code remotely.

CVE-2017-0222 – Internet Explorer memory management vulnerability that allows an attacker, through a malicious web page, to execute remote code in the context of the current user of the system; again, do not work with admin users.

CVE-2017-0267 – This time it is the SMB server that, through a special packet, could reveal information about the server to an attacker.

CVE-2017-7269 – Another remote code execution due to a vulnerability in WebDAV memory object management.

CVE-2017-8461 – Vulnerability in RPC servers with remote access and routing enabled that allows a remote code execution attack

CVE-2017-8487 – Vulnerability in the Windows OLE component when validating user input that allows a remote code execution attack

CVE-2017-8552 – Vulnerability in the Windows kernel that allows elevation of privileges

Researchers and security experts have expressed concern about Microsoft’s strategy to patch the discontinued Windows XP.

Experts have said many times that every time there is a new vulnerability in newer versions of Windows, this vulnerability probably exists in Windows XP as well.

This, combined with the fact that a significant part of users is using Windows XP, does not speak well for the support of this operating system and its security in the future.

Basically, the theory is that patching one defect does not make XP safe against all the other defects that have been patched in newer versions of Windows.