Microsoft has released a Windows XP patch on Tuesday that guards against the Wannacry ransomware. Specifically, it patches the vulnerability in the Windows SMBv1 network protocol that the ransomware was using. The unusual move will try and protect users of the old operating system from the latest Wanna Decryptor ransomware strain. The WannaCry 2.0 variant has recently been causing chaos in companies all around the world. A massive attack has affected over 200,000 companies, among which hospitals, schools and private companies in 150 countries.
Wanna Decryptor Ransomware Attack, a Wake-up Call
Brad Smith, president and chief legal officer of Microsoft, called the cyberattack “a wake up call for all of us, whether we’re in the tech sector, as customers or as government.” The president of Microsoft blamed the practice of storing data on software vulnerabilities, as these can be accessed by hackers. Microsoft has also released a guide for customers, in light of the recent ransomware attacks.
The malware, spread from a leak of the U.S. NSA software, is relatively new. It emerged in February 2017, and although Microsoft released a patch in March, older operating systems like Windows XP, remained unsupported, and thus unprotected. Typically, Windows would charge companies fees for support on older operating systems like Windows XP.
The latest attack has encrypted data in at least 16 UK hospitals, causing chaos in the NHS system and other companies. According to information from Citrix, 90% of NHS Trusts in England were still running XP in 2016.
It’s one of the largest ransomware attacks to date. According to some sources, the hackers managed to squeeze about $38,000 from their victims so far, but the amount is expected to increase.
UK Hacker Finds Kill Switch for Wanna Decryptor 2.0
The Wanna Decryptor ransomware encrypts user’s files and asks for a ransom of $300 to restore access to the files. If you don’t pay this amount in time, the ransom doubles in two weeks. There’ s also good news about this ransomware strain. The attacks, which started on Friday last week, have started to subside, thanks to a kill switch found by MalwareTech in collaboration with UK authorities.
The kill switch published by the UK National Cyber Security Center can prevent infections with Wannacry ransomware. However, is not able to remediate infections that have already occurred. Moreover, reports show that there have been some copycat attacks, with hackers trying to emulate the Wannacry strain and improve it further. For those still hit with ransomware attacks, the best solution remains restoring from a backup.
A reliable backup solution such as ShadowProtect SPX can protect both virtual and physical environments on Windows and Linux. The solution takes snapshots of the user’s system, including data, configurations or applications. In case data is encrypted or lost, you can restore from a recent backup without paying the ransom.