
May 13, 2017

Doing the right thing, because it's the right thing to do.

Microsoft has pulled a lot of anti-consumer bullshit over the last couple of years... like when they literally broke Windows Update for users of older versions of the OS that were running them on new PCs, and responded to the outcry by recommending that we all just embrace Windows 10, already. The fact that users had to fix that for themselves, and did, does not in any way excuse that bit of bullshit, and that's really just the tip of the iceberg of bullshit that Microsoft's shovelled at consumers in the last couple of years. Suffice it to say that the bullshit is neither forgotten nor forgiven, and that occasions to actually praise the Redmond team have been pretty few and far between.

So when news broke earlier in the week about the massive "Wana Decrypt0r" ransomware attack, which was taking down hospitals in the UK and spreading like wildfire, I wasn't expecting Microsoft to offer much help to users of Windows XP. WinXP hasn't been supported by Microsoft for years, after all, and the fact that lots of hospitals still use it hadn't been enough to change Microsoft's mind about that before now; most articles that I read on the subject also took for granted that WinXP users were basically screwed, and needed to upgrade their PCs to something that could run Windows 10.

Microsoft, however, either decided that (a) the optics of patching every other version of Windows against Wana Decrypt0r but leaving hospitals vulnerable were seriously sub-optimal, or (b) that the life-and-death realities of patching every other version of Windows against Wana Decrypt0r but leaving hospitals vulnerable were too awful to think about, or (c) both. Whatever the thinking was, though, they issued a patch for Windows XP today that fixes the weakness that this ransomware was exploiting.

From bleepingcomputer:
Following the massive Wana Decrypt0r ransomware outbreak from yesterday afternoon, Microsoft has released an out-of-bound patch for older operating systems to protect them against Wana Decrypt0r's self-spreading mechanism.
The operating systems are Windows XP, Windows 8, and Windows Server 2003. These are old operating systems that Microsoft stopped supporting years before and did not receive a fix for the SMBv1 exploit that the Wana Decrypt0r ransomware used yesterday as a self-spreading mechanism.
[...]
Microsoft had released a fix for that exploit a month before, in March, in security bulletin MS17-010. That security bulletin only included fixes for Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2012, and Windows Server 2016.
As the SMBv1 is a protocol that comes built-in with all Windows versions, the computers which did not receive MS17-010 remained vulnerable to exploitation via Wana Decrypt0r's self-spreading package.
"Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download," Microsoft said in a statement. "This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind."
Researchers believe that Wana Decrypt0r [...] infected over 141,000 computers [...] While unconfirmed, many believe older Windows XP and Windows Server versions were the bulk of the infections pool, as they had no way to protect themselves.

The customer ecosystem here, remember, disproportionately involves hospitals, and other essential institutions that are still using Windows XP because their publicly-funded budgets can't afford to upgrade all of their PCs. It would have been great if they'd patched those older OS versions last month, of course, or at least before so much damage was done, but better late than never. And I mean that sincerely: considering how many vulnerable PCs and servers are out there, it really is better that they did this now than not at all.

Good job, Microsoft. You've done a good thing today, and one that nobody expected you to do. Now we just have to convince you to make this a habit...