We still feel very strongly that you should have left XP and Server 2003 behind years ago, given that newer Windows versions contain a wide range of security mitigations that simply can’t be retrofitted to older versions.īut if you still haven’t got around to replacing your out-of-support versions, don’t forget that this month brings you a blast from the past: old-school Patch Tuesday updates. Unsupported Windows versions that have just received fixes are: Windows XP, Windows Vista, Windows 8, Windows Server 2003, and Windows Server 2003 R2. For customers managing updates, or those on older platforms, we encourage them to apply these updates as soon as possible. Some of the releases today are new, and some are for older platforms under custom support agreements, that we are making publicly available today. We have taken action to provide additional critical security updates to address vulnerabilities that are at heightened risk of exploitation due to past nation-state activity and disclosures. Well, here comes another one – or, rather, here comes another bunch of patches for XP and other superseded Microsoft products, closing yet more security holes that were made public by Shadow Brokers along with the exploit used by the creators of WannaCry. WannaCry was a ransomware attack that automatically wormed its way across the internet by exploiting a vulnerability in Windows file sharing.Įven though the bug behind WannaCry was patched in March 2017, details of how to exploit it were revealed soon afterwards by a hacking crew called Shadow Brokers, and the self-spreading WannaCry malware followed soon after.Īnyone who hadn’t patched was in theory at risk – including XP users, who couldn’t have patched even if they’d wanted to, because XP hadn’t had any security updates since CVE-2014-1776, three years earlier.Īs a result, Microsoft decided to provide a patch against the WannaCry hole even for long-unsupported platforms, including Windows XP and Server 2003. Microsoft therefore did the world a favour – and that’s what it was, no matter how you look at it – by retrofitting the patch for XP and making the update available to everyone.Īnd that’s how the world of XP security patches remained until last month, when the WannaCry virus hit. Wer ein altes Windows-System aus den 90ern sein Eigen nennt, kann die Aktualisierungen dafür über die Webseite von Windows Update Restored. That update-after-the-last-ever-update, in May 2014, dealt with a zero-day bug (CVE-2014-1776) in Internet Explorer that not only affected all versions from IE 6 to IE 11, but also turned up in the wild, used by crooks in what Microsoft referred to at the time as “limited targeted attacks”. Minimalanforderung ist ein Internet Explorer 5. So many users and organisations were still so stuck in the XP rut that Microsoft relented just a few weeks later, publishing yet another “goodbye, farewell and Amen” update for XP at the start of the next month. …but it wasn’t XP’s last security update after all. If you’re a sysadmin, you probably do: it was the day on which Windows XP received its last-ever security update and then fell out of support for ever, unless you had a special contract lined up.Įven back then, we’d already had seven years of warning and plenty of time to decide how to deal with the situation, so you might have thought that would be that… When you go to the Windows Update page in IE it should now work instead of giving an error.Tuesday, 08 April 2014 – do you remember what you were doing on that day?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |