UK healthcare facilities, Telefonica, FedEx, and other organizations were hit by a massive ransomware attack on Friday. Around 75,000 computers in 99 countries were infected by malware called WannaCry, which encrypts the files on a machine and demands a $300 ransom (paid in Bitcoin) to unlock them. The malware spread on its own, worm-style, by exploiting a flaw in Windows' SMBv1 file-sharing protocol. The exploit was originally developed by the NSA to break into PCs and was made public by the Shadow Brokers group last month.
Microsoft had already released a fix for supported versions of Windows in March (security bulletin MS17-010), but Windows XP, which is out of support, received no patch. Many of the machines attacked on Friday were breached simply because that March update had not been applied, yet there are still organizations running Windows XP despite the risks. Microsoft is now taking what it calls a "highly unusual" step and publicly releasing patches for Windows versions that are otherwise only covered by custom support contracts. This includes specific fixes for Windows XP, Windows 8, and Windows Server 2003.
Microsoft normally charges companies for custom support agreements on older versions of Windows, which deliver critical and important security updates beyond the usual end of extended support.
It's an unusual move for Microsoft, but this security flaw, and the way it was discovered and made public, is equally unusual. There are now signs that the spread of the ransomware has slowed thanks to a kill switch discovered by a 22-year-old security researcher in the UK: the malware checked whether a particular domain name resolved before running, and registering that domain stopped new infections from executing. Some experts estimate that the attackers behind the ransomware have collected only around $20,000 so far. Either way, this is yet another painful security lesson for everyone involved. Government agencies need to disclose the vulnerabilities they find to vendors, systems need to be patched promptly, and no one should be running an old, unsupported version of Windows.