Microsoft patches older Windows against nation-state attacks

Microsoft has issued patches for older, unsupported versions of Windows that are still in widespread use in order to protect against "potential nation-state activity".

The updates that have been released alongside Microsoft's regular monthly Patch Wednesday fixes "provide further protection against potential attacks with characteristics similar to WannaCrypt," the company's cyber defence operations centre general manager Adrienne Hall said.

Hall said the WannaCry/WannaCrypt ransomware campaign last month served as an all too real example of the danger of cyber attacks to individuals and businesses. When WannaCry surfaced Microsoft took "the highly unusual step" of releasing patches for unsupported versions of Windows.

She did not specifiy which government organisations or nation-state actors are targeting Microsoft users with malware.

Microsoft has published patching guidance for users who run Windows XP, Vista, 8 and Windows Server 2003.

Further guidance is available for Windows Server 2008, 2008 R2, 2012, 2012 R2 and 2016, as well as the client operating systems Windows 7, 8.1, 8.1 RT, and Windows 10.

A total of 25 vulnerabilities are currently being addressed for the older Windows variants, several of which can be used to execute code remotely to take over systems.

As with WannaCry, the patches released today cover exploits from the Equation Group, an organisation linked to the United States National Security Agency (NSA).

The exploits are code-named "EnglishmanDentist” (CVE-2017-8487), “EsteemAudit” (CVE-2017-0176), and “ExplodingCan” (CVE-2017-7269), and target Windows Remote Desktop Protocol, and Microsoft's Exchange and Internet Information Server 6.0 applications.

Microsoft said the vulnerabilities are presumed "to be at risk of imminent attack" and advised customers to apply the patches as soon as possible, and prioritise plans to migrate to supported versions of Windows.