NHS Hospital Networks Infected With Ransomware

@Grim_Reaper @Zibob

I'm curious: why do you keep running WinXP? Is it because of compatibility with software you need or things along those lines?

reportedly by spending a few dollars on registering a domain name hidden in the malware.

“I saw it wasn’t registered and thought, ‘I think I’ll have that’,” he is reported as saying. The purchase cost him $10.69. Immediately, the domain name was registering thousands of connections every second.

“They get the accidental hero award of the day,” said Proofpoint’s Ryan Kalember. “They didn’t realize how much it probably slowed down the spread of this ransomware.”

2 Likes

Yes essentially.

It is usually because whatever program they are using is only enterprise certified for use on older systems like XP.

It is also part laziness.

They could have written a new program to keep up to date with the OS, or even usually just re-certified the old program, but that costs money and time with certifications, paying people to work updating the OS, retraining the staff on how to use the new OS (thanks MS for changing every menu every OS release), deploying the new program and training them on the new version.

Basically it is every IT staff's nightmare, they know they are vulnerable because management don't understand computers or their networks and want to save money so don't take it seriously and then we end up here.

2 Likes

Mind you it was one of the dumbest kill-switches I've ever seen. Way too simple almost.

It didn't pull any info from the domain, it just checked if the domain existed, the domain wasn't even registered beforehand. Like someone left it in there to be found and registered.

https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html

I tried downloading the KB4012212 and KB4012213 but when I go to M$ website I get this error, hence can't download the specific update.

1 Like

Maybe a programmer was held at gunpoint to make this ransomware and he hid this in there to save the day?

The plot thickens!

Try going via this:

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

The catalog update page seems to be getting overloaded, problem is, this is where the legacy updates are.

At least you got that far. Mine would not load the webpage due to traffic.

I managed to get here and then it instantly crashes.

The NHS has their moments in IT fails. One of their infamous IT projects was supposed to enhance their online service not just for all the doctors and nurses within the NHS but also for their patients too. Poor project management and overwhelming costs put on fixing a half-arsed complete software led this project to its doomsday.

The recent cyberattack should shake up lazy organisations around the world to step up their infrastructure's vulnerabilities. My university is always good at improving their IT services. My workplace on the other hand, I have to give a thumbs down on their IT system. At least the place where I work all of our systems are still running Windows 7 and at least one system is still using Outlook 2007, because our accountants have their own BYOD devices. It just goes to show that spending on IT upgrades firsthand won't hurt a lot. Train users? At least someone would have the brains to train everyone who will be using the systems, and that doesn't mean face-to-face training.

2 Likes

Yes it is nice that they are getting the wake up call.

Unfortunately once things go smoothly for a few months IT will be thrown under the bus again and repeat today just a few months down the line.

The sheer number of people trying to update and patch their older operating systems is crazy. Maybe this is just MS's way of punishing people for not upgrading to W10. Even now MS is going to start offering a couple Linux OS downloads on its store, not that anyone would trust those. I think they know the gig is up.
The other thing is the bulk of this hit seems to be Russian and Ukrainian. Maybe our government needed to get information from other government servers and deployed this to cover all of it up. Kind of like wanting to kill someone, so you kill 1000 people to make it go under the radar. (Not that our gov. would do something so horrible).
Or maybe MS helped the gov. pull off this attack in an advisory role, and it is both conspiracy theories together. Excuse me while I go put fresh tin foil on my head :)

1 Like

Story from RT:


What happened to the good old days when hackers sold stuff they stole and had cool names like "the cuckoo's egg"?

That emergency patch makes me wonder though.

If they still patch XP and Vista when there's a vulnerability such as this, that obviously means that there hasn't been anything really serious or dangerous that required patching on those outdated versions ever since they went EoL. So they're nowhere near as much of a risk as MS is trying to make people believe.

(Okay, I know Vista has only been EoL for a month now, but XP has been for over 3 years and this is the 2nd time they patched it)

Ehhh, about that.

Only reason this patch exists is for MS to look good and be the one to save everyone's bacon.
XP is still insecure as all hell. And this is actually a pretty 'cheap' exploit. The only thing that made it so dangerous is that it was fully automated and self-replicating.

1 Like

Or just to make sure shit does not destroy the fan on Monday.

Isn't embedded XP still a thing and still supported with patches? I recall discussions about how to "fool" consumer version and continue receiving security updates until... 2020, I think?

Well yes, we're seeing a bit of MS's ethical side here. :wink:

Until January 2019. I did that tweak on my ancient netbook, still getting patches every month indeed.