Microsoft stopped offering extended support for Windows XP back in 2014, closing the door on their end of one of the most widely used and popular operating systems in the world. On Friday, they had to dust off the keys and open that door one more time thanks to the Wannacrypt ransomware attack.
Wannacrypt or Wanna Cry struck at least 16 hospitals in the U.K. and spread to other systems around the globe on Friday, with Russia being the hardest hit. Most of this is thanks to tools reportedly created by the NSA and released by Shadow Brokers on April 14th, taking advantage of a file-sharing vulnerability in Windows that had been patched back in March according to Krebs On Security. The problem is that many systems running older versions of Windows did not receive that patch, leading to the issues we saw play out yesterday.
To combat this and update those systems around the world, Microsoft took the unprecedented step of creating a patch for these older versions and making them available to users:
We also know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download.
This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind.
According to CNN, the cyber attack has been halted but the possibility of copycats still remains. That would likely be why Microsoft was so quick in offering these patches and worked towards ensuring that users were aware of what to do if they were affected by the ransomware. A quick look at XP’s wiki page shows why this type of response is important globally. Most of Africa and China still rely on XP as their operating system and considering the spread of the virus on Friday, they are not alone. According to Krebs, citing multiple reports in British media, “approximately 90 percent of care facilities in the U.K.’s National Health Service are still using Windows XP.”