Last month Microsoft issued an unusual patch for Windows XP to help prevent further spreading of the WannaCry ransomware. At least 120,000 computers in more than 100 countries were affected by the ransomware virus which encrypts personal and system files and demands a $300 Bitcoin ransom to unlock them. Despite the fact the Windows XP official support was stopped in April 2014, Microsoft made the unprecedented decision to include this operating system in this month’s Patch Tuesday. Windows Vista and all other versions of Windows OS are also included in this release of security updates which Microsoft says should address the “elevated risk of cyberattacks by government organizations.”
The list of patched flaws includes ones leveraged by 3 other exploits leaked by Shadow Brokers, namely EnglishmanDentist (CVE-2017-8487), EsteemAudit (CVE-2017-0176) and ExplodingCan (CVE-2017-7269).
Both supported and unsupported versions of Windows also received patches on Tuesday for two vulnerabilities, CVE-2017-8464 and CVE-2017-8543, that have been exploited in attacks by unnamed threat actors.
The list of older vulnerabilities that have now been fixed in outdated versions of Windows also includes remote code executions described in the MS17-013 bulletin, an Internet Explorer memory corruption (CVE-2017-0222), several Windows SMB flaws (CVE-2017-0267 – CVE-2017-0280), an actively exploited IIS buffer overflow (CVE-2017-7269), a Windows privilege escalation issue (CVE-2017-8552), and an actively exploited Windows olecnv32.dll RCE (CVE-2017-8487).
Microsoft says this decision to release security patches for platforms not in extended support “should not be viewed as a departure from standard servicing policies,” and that this is an exception based on intelligence that led it to believe government organizations may use these vulnerabilities to attack Windows systems.
“Today, as part of our regular Update Tuesday schedule, we have taken action to provide additional critical security updates to address vulnerabilities that are at heightened risk of exploitation due to past nation-state activity and disclosures. Some of the releases today are new, and some are for older platforms under custom support agreements, that we are making publicly available today. Customers with automatic updates enabled are protected and there is no additional action required. For customers managing updates, or those on older platforms, we encourage them to apply these updates as soon as possible,” said Microsoft in a statement.
You need to make sure that your computer is configured for automatic updates in order to receive the latest updates. Microsoft has provided additional details on these updates at its Security Response Center blog.