On Tuesday Microsoft took an unusual step and issued security patches for Windows XP, as well as other older version of the operating system. The move was prompted by the recent WannaCry attacks, as an effort to protect users from exploits used by the US National Security Agency over the past few years.
This is only the third time in Microsoft¡¯s history that the tech giant has issued a free update for an OS that¡¯s no longer supported (Microsoft has previously stated that Windows XP would no longer receive any updates post April 2014). However, ever since the hacker group Shadow Brokers released secret NSA hacking tools, utilising exploits and vulnerabilities across various platforms, users of the decommissioned OS have been at risk.
The update for Windows XP, Vista, and Server 2003 includes fixes for at least three exploits released by the Shadow Brokers. ¡°In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organisations, sometimes referred to as nation-state actors, or other copycat organisations,¡± Adrienne Hall, Microsoft¡¯s general manager of crisis management, wrote online. ¡°To address this risk, today we are providing additional security updates along with our regular Update Tuesday service. These security updates are being made available to all customers, including those using older versions of Windows.¡±
These special updates are not automatically installed, meaning users will have to manually download and installed them for the older operating systems mentioned. They are available in the Microsoft Download Center and in the Update Catalog here. Microsoft has also urged users to switch to newer Microsoft products, which are more resistant to exploits, saying the emergency patch does not mean updates will continue in future.