Citing “elevated” risks of cyberattack, Microsoft has released critical security updates to protect against large-scale hacking, according to a report from CNN.
The updates come one month after the WannaCry ransomware attacks targeted computers around the globe.
“In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyberattacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations,” said Adrienne Hall, general manager of the cyber defense operations center at Microsoft, in a blog post.
Tuesday’s security update includes patches to Windows XP, Windows Vista, and Server 2003 products. Microsoft no longer supports these older systems, and the patches have to be installed manually.
Automatic updates will be available for Windows 10, Windows 8.1, Windows 7, and Windows Server releases after 2008.
A leaked cache of hacking tools thought to belong to the National Security Agency revealed the flaw in the Windows operating system through which the WannaCry ransomware attack spread.
Researchers said there were similarities between the WannaCry attack and code used by Lazarus group, a North Korea-linked hacking group. Ransomware attacks typically take over and lock a computer, extorting from its owner a ransom, typically in bitcoin.
A spokesperson for Microsoft said the decision to release the updates was “an exception based on the current threat landscape and the potential impact to customers and their businesses.” CNN said it was unclear if the company had been warned of another cyberattack related to WannaCry.
WannaCry targeted about 300,000 computers in 150 countries, encrypting victims’ files. It mostly affected businesses and large organizations that used a Windows file-sharing tool.
The WannaCry attackers reportedly made less than $60,000 after businesses were advised not to pay the ransom.