MS releases new Win-XP security patches, warns of state-sponsored attacks

[vienna]

For those who still use Win XP, Microsoft has just released new security patches/updates and is warning of possible state-sponsored cyber-attacks; this is a highly unusual move given MS has tacitly 'abandoned' XP:

https://www.theverge.com/2017/6/13/1...ates-june-2017

Quote:

Microsoft issued a “highly unusual” patch for Windows XP last month to help prevent the spread of the massive WannaCry malware. At least 75,000 computers in 99 countries were affected by the malware which encrypts a computer and demands a $300 ransom before unlocking it. Microsoft stopped supporting Windows XP in April 2014, but the software giant is now taking the unprecedented move of including it in the company’s Patch Tuesday round of security updates today.

“In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyberattacks by government organizations, sometimes referred to as nation-state actors, or other copycat organizations,” says Adrienne Hall, general manager of crisis management at Microsoft. “To address this risk, today we are providing additional security updates along with our regular Update Tuesday service. These security updates are being made available to all customers, including those using older versions of Windows.”

Microsoft says it is releasing updates for Windows XP, Windows Vista, and all other more recent unsupported and supported versions of Windows due to an “elevated risk” of attacks that are similar to the WannaCry malware. The patches will be made available on Microsoft’s Download Center or Windows Update. Microsoft says this move to release security updates for platforms not in extended support “should not be viewed as a departure from our standard servicing policies,” and that this is an exception based on intelligence that led it to believe government organizations may use these new vulnerabilities to attack Windows systems.

http://www.zdnet.com/article/microso...ws-xp-patches/

This is apparently a very serious situation, so it may be wise for those using XP, Vista, etc., to check and see if they might need these patches/updates....


EDIT:

It should be noted the patches are also being released for all other post-XP versions of Windows...




Note to moderator(s):

I have posted this notice to the "PC Hardware/Software Forum" to try to keep with OT protocols; perhaps you might want to post this to the General Topics to increase awareness...




<O>

[Commander Wallace]

Thanks for posting this information and letting us know Vienna. This is an unprecedented move by Microsoft and I'm betting they are doing it to also establish spyware and malware in those computers using Windows XP. If you don't have your XP computer online, it might be worth it.

[Skybird]

WinXP has so many holes that nowadays it should be used offline exclusively, physically disconncted from the web - always. I read it is much, much worse than if you do not patch W7.

Then this patch is not needed.

Because me too suspects there is more to it than just helping out dear customers in need.

Disclaimer: for unpatched W7 (what I recommend), I again also strongly recommend not to use such a machine for ordinary online activities. Best is to not use it for any online activity.