Microsoft Releases Windows Ransomware Patch, Blasts NSA for Malware Stockpile

Microsoft on Friday released a security update for Windows XP that fixes an SMB v1 hole that has been recently used to spread ransomware via phishing attacks.

Microsoft released Security Update KB4012598 on Friday to address the issue in older Windows OS and Windows Server editions, including Windows 8, Vista, XP and Windows Server 2003 and 2008. What's remarkable about this release is that it's the first time in over three years that Microsoft has released a security update for Windows XP.

"We are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003," wrote Phillip Misner security group manager at the Microsoft Security Response Center (MSRM), in a blog posted on Friday.    

Those running Windows 10, 8.1, 7, Vista SP2 or Windows Server 2008 SP2 or later are already protected from the ransomware, which had infected many systems worldwide  threat thanks to bulletin MS-17-010, released in March. Due to the severity of the threat, which has already locked countless worldwide systems, those running older versions of Windows should apply the patch as soon as possible.

The malicious program "WannaCrypt," which demands a payment of Bitcoin to unlock an infected system, was part of a stockpile of exploits stolen from the National Security Agency earlier this year. In a blog posted on Sunday by Brad Smith, president and chief legal officer for Microsoft, he discussed that with the growing sophistication of cyberattacks, the practice of collecting malicious tools by the government has done more harm than good.

"We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world," wrote Smith. "Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today -- nation-state action and organized criminal action."

While the NSA has not commented on either the WannaCry attack or Microsoft's response, Tom Bossert, President Trump's Homeland Security advisor discussed at Monday's daily White House press briefing that the infection rate has been relatively low in the U.S. compared to overseas infection rates, and that no federal systems have been compromised. However, he did warn that following the patching advice from Microsoft and the FBI should be a top priority to stop the spread, which has hit a number of large-profile companies, including FedEx.

"While it would be satisfying to hold accountable those responsible for this hack -- something that we are working on quite seriously -- the worm is in the wild, so to speak at this point, and patching is the most important message as a result," said Bossert. "Despite appearing to be criminal activity intended to raise money, it appears that less than $70,000 has been paid in ransoms and we are not aware of payments that have led to any data recovery."

About the Author

Chris Paoli is the site producer for and


  • Microsoft Resumes Rerelease of Windows 10 Version 1809

    Microsoft on Wednesday once more resumed its general rollout of the Windows 10 version 1809 upgrade, also known as the "October 2018 Update."

  • Microsoft Ups Its Windows 10 App Compatibility Assurances

    Microsoft gave assurances this week that organizations adopting Windows 10 likely won't face application compatibility issues.

  • SharePoint Online Users To Get 'Modern' UI Push in April

    Microsoft plans to alter some of the tenant-level blocking capabilities that may have been set up by organizations and deliver its so-called "modern" user interface (UI) to Lists and Libraries for SharePoint Online users, starting in April.

  • How To Use PowerShell Splatting

    Despite its weird name, splatting can be a really handy technique if you create a lot of PowerShell scripts.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.