Microsoft has released a critical security patch for Windows XP operating system, in a bid to prevent it from being exploited in a new WannaCry-style attack.
Last month, Microsoft rushed out a free patch for Windows XP to help contain the spread of the WannaCry ransomware, which hit at least 75,000 PCs worldwide, and struck NHS hospitals across the UK. Following the release, reports surfaced claiming that Microsoft had been sitting on the patch since February.
In a bid to prevent a similar scenario, Microsoft yesterday issued emergency updates for legacy versions of Windows dating back to XP, Windows Server 2003, Windows XP Embedded and Windows 7 Embedded.
The company warned in a blog post that Tuesday's updates include fixes for three new exploits that, like Eternalblue used by WannaCry, were released by the Shadow Brokers hacking group.
"In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organisations, sometimes referred to as nation-state actors or other copycat organisations," said Adrienne Hall, general manager of crisis management at Microsoft.
"To address this risk, today we are providing additional security updates along with our regular Update Tuesday service. These security updates are being made available to all customers, including those using older versions of Windows."
Microsoft had previously said that it wouldn't issue out-of-support patches for the three exploits, codenamed EsteemAudit, ExplodingCan, and EnglishmanDentist, which exploit flaws in the Windows remote desktop protocol, IIS 6.0 and Microsoft Exchange servers.
In the post, Microsoft clarified this doesn't mean a return to full support for Windows XP, which ended in 2014.
The company clarified this was an exception based on new intelligence and "should not be viewed as a departure from our standard servicing policies".
The out-of-support updates are included in Microsoft's June Patch Tuesday release, which addressed a whopping 94 vulnerabilities. This includes fixes for 27 remote code execution (RCE) exploits that could enable an attacker to take control of a machine.
J1043+2408 was observed for more than 10 years, and its radio light curve exhibited a periodic signal repeating in about 563 days
Success of Unity's test flight means Virgin Galactic is now close to taking its first paying tourist into space
V3 puts the pro-level football GPS tracker through its paces, and asks if it's more than a gimmick
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth