Last week, an unprecedented ransomware attack began locking up thousands of computers in more than 150 countries. The so-called WannaCrypt malware leverages a Windows vulnerability known as EternalBlue that leaked last month when a group known as Shadow Brokers posted a bunch of hacking tools that allegedly belonged to the NSA. Microsoft issued a patch for the flaw in March, but many organizations failed to keep up or are running older versions of Windows for which Microsoft no longer issues patches.
But with some security experts estimating the number of infected systems at 200,000, Microsoft is taking the “highly unusual” step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003.
Windows XP’s continued popularity and the fact that Microsoft hasn’t officially supported the operating system since 2014 make it an obvious target for hackers. According to data analytics companies StatCounter and Net Applications, somewhere between 5% and 7% of Windows PCs still run XP.
As Ars Technica notes, this is possibly the first time ever that Microsoft has issued a patch for a product decommissioned so long ago. The last time that happened, it was an emergency patch for Windows XP, but that came merely a week after official support for the operating system ended in 2014.
Microsoft says they are working with customers to provide additional assistance as this situation evolves, and that they’ve made this decision to patch unsupported versions based on an assessment of the situation, with the principle of protecting their customer ecosystem overall.