Microsoft was criticised last month for not providing free security patches to Windows XP users early enough to help protect against WannaCry ransomware. It seems like the Redmond-based company has taken the criticism seriously, as it has now included additional security updates for earlier versions of Windows as part of 'Update Tuesday'. These updates are said to offer enhanced protection against cyber-attacks with characteristics similar to WannaCry.
While reviewing the security updates for June, Microsoft identified there certain vulnerabilities posed "elevated risk of cyber-attacks by government organisations, sometimes referred to as nation-state actors or other copycat organisations," Adrienne Hall, General Manager, Cyber Defense Operations Center, said in her blog post on Tuesday.
In order to address these vulnerabilities, Microsoft is providing additional security patches with the update, even to those customers who are on earlier versions of Windows. "Due to the elevated risk for destructive cyber-attacks at this time, we made the decision to take this action because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt," Hall said. Notably, Microsoft officially ended the support for Windows XP in 2014.
Microsoft says that if you are on Windows 10 or Windows 8.1, the currently supported versions, and have Windows Update enabled, you don't need to do anything from your side. Further, the company has warned users that the "best protection" is to be on a modern up-to-date system and that "older systems, even if fully up-to-date, lack the latest security features and advancements."
WannaCry ransomware, which erupted last month, hit more than 150 countries and encrypted files on more than 200,000 computers. In order to unlock the files, the malware creators reportedly demanded a ransom of $300 (roughly Rs. 19,300) worth of Bitcoins from the users. It seems like Microsoft has now taken a more pro-active approach to the situation and decided that it should provide further protection to those users who are on unsupported versions as well.