Microsoft warns of 'elevated risk of cyber attacks'

Thursday, 29 Jun, 2017

Microsoft has already ended support for Windows XP, but the fact it has included one of its oldest operating systems in the latest round of security updates makes it a big deal for its users. Microsoft released a March security patch (MS17-010) to address the targeted Server Message Block 1 flaw in Windows systems, but that release was also somewhat unprecedented in that it also applied to older systems, such as Windows XP.

But while two security patches in the span of less than two months might leave Windows XP users with the assumption that Microsoft intends to provide them with enough security to delay an upgrade, they would be mistaken, according to Eric Doerr, general manager of Microsoft's Security Response Center.

Due to the elevated risk at hand, Microsoft is no longer feeling haughty about its security practices and has chose to release this update patch to ALL Windows users.

Of the 94 vulnerabilities Microsoft identified for June Patch Tuesday, 27 are remote code execution (RCE) exploits that could allow an attacker to take control of a machine.

For more information about the remaining security vulnerabilities released on June Patch Tuesday, visit Microsoft's Security Update Guide.

Typically, Microsoft only issues updates for its operating systems that are still supported - for consumers, that means Windows 7 and newer (with the exception of Windows 8, which is meant to be covered by the free upgrade to Windows 8.1). The security updates will be delivered automatically through Windows Update to devices running Windows 10, Windows 8.1 and Windows 7.

Topping the priority list should be zero-day vulnerabilities CVE-2017-8543 and CVE-2017-8464, both of which Microsoft said are being exploited in the wild.

The update being dispatched today contains "critical security updates" that patch vulnerabilities in Microsoft's software. As a part, they have urgently rolled a security patch even for the Windows XP which they hand washed days back.

This was possible, it later emerged, because the NSA informed Microsoft about the leak of the exploits.

Windows XP is the reason why Wanna Cry Virus was able to affect businesses and individuals globally!

The updates can be found in the Download Center or in the Update catalogue. You can get them through Windows Update, or download them directly from Microsoft. In May, the WannaCry ransomware affected computer users around the globe by targeting the Windows XP OS.

Microsoft also used the malware as an opportunity to plug for Microsoft Edge, its semifunctional non-browser that's good for maximizing battery life and not much else.