Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Windows Operating Systems Privacy Security Software Hardware Technology

Windows XP Computers Were Mostly Immune To WannaCry (theverge.com) 58

Posted by BeauHD from the contrary-to-popular-belief dept.
An anonymous reader quotes a report from The Verge: Windows XP isn't as vulnerable to the WannaCry ransomware as many assumed, according to a new report from Kryptos research. The company's researchers found that XP computers hit with the most common WannaCry attack tended to simply crash without successfully installing or spreading the ransomware. If true, the result would undercut much of the early reporting on Windows XP's role in spreading the globe-spanning ransomware. The core of WannaCry is a vulnerability in a Windows file-sharing system called SMB, which allowed WannaCry to spread quickly across vulnerable systems with no user interaction. But when Kryptos researchers targeted an XP computer with the malware in a lab setting, they found that the computers either failed to install or exhibited a "blue screen of death," requiring a hard reset. It's still possible to manually install WannaCry on XP machines, but the program's particular method of breaking through security simply isn't effective against the older operating system. The worst-case scenario, and likely scenario," the Kryptos report reads, "is that WannaCry caused many unexplained blue-screen-of-death crashes." While they cut against much of the early analysis of WannaCry, Kryptos' findings are consistent with early research from Kaspersky Lab, which found that Windows XP accounted for an "insignificant" percentage of the total infections. Kaspersky found the bulk of infections on machines running Windows 7 or Windows Server 2008.
This discussion has been archived. No new comments can be posted.

Windows XP Computers Were Mostly Immune To WannaCry More

Windows XP Computers Were Mostly Immune To WannaCry

Comments Filter:

  • Who knew... (Score:5, Funny)

    by __aaclcg7560 ( 824291 ) on Tuesday May 30, 2017 @05:43PM (#54514237)
    That WinXP was reliable by crashing?

    • Re:Who knew... (Score:5, Funny)

      by Scarred Intellect ( 1648867 ) on Tuesday May 30, 2017 @05:52PM (#54514285) Homepage Journal

      That WinXP was reliable by crashing?

      We've been joking for years, saying BSOD was a feature and not a bug.

      I guess the joke's on us.

    • That WinXP was reliable by crashing?

      I can see that's funny to most people not immersed in the world of computer security, but to those who are it's just business as usual. It's extremely common to write code that intentionally crashes in the face of attack. It's obviously better to build systems that are sufficiently resilient that they can shrug off an attack and continue functioning, but in many cases that's not feasible, and crashing is a completely legitimate and very often-used threat mitigation strategy.

      Intentionally crashing is mostl

  • Just like Battlestar Galactica... (Score:5, Insightful)

    by DidgetMaster ( 2739009 ) on Tuesday May 30, 2017 @06:01PM (#54514333) Homepage
    Old outdated technology is immune to the modern virus.
    • I dunno about immune. Just the bell curve of blackhat effort has passed it by. It's security through obscurity, not real security.

  • My Windows 3.1 PC was mostly immune too. Mostly.

  • World War Z (Score:3, Funny)

    by Anonymous Coward on Tuesday May 30, 2017 @06:36PM (#54514475)

    Immune like that kid who was already dying so all the zombies ran around him.

  • Apparently you can manually aim at your own foot and mostly miss [youtube.com] if you use WINE to install the wannacry .exe... But really, Linux is unaffected.

    The distro I'm using is also much more modern than a fifteen year old abandoned OS from M$.

  • It's a lack of installing updates. (Score:5, Informative)

    by viperidaenz ( 2515578 ) on Tuesday May 30, 2017 @07:13PM (#54514601)

    The majority of the spread was caused by Windows 7 machines, several months after security updates were released.

    In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.

    https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

    Release March 14: Microsoft Security Bulletin MS17-010 - Critical [microsoft.com]

    • And the main reason people turn off updates on Windows 7 is - Microsoft's underhanded Windows 10 upgrade tactics.

      When they treat an automatic unattended unwanted upgrade as a critical update, they're teaching users to not accept critical updates.

      If they had handled the Windows 10 updates in a mature manner, the impact of WannaCry would have been much, much lesser.

      • It's either that, or the massive amount of CPU and memory Windows Update consumes on Windows 7, something that's been an issue for something like 2 years now that Microsoft doesn't seem to care enough to actually fix.

  • So what does that mean for Brian Barrett and the Wired [wired.com] ? Impunity in the mainstream is the main cause for Fake News. Wired should have apologized for publishing nonsense.

  • Nice (Score:3)

    by nospam007 ( 722110 ) * on Wednesday May 31, 2017 @01:48AM (#54515987)

    My Windows 3.1 machine is safe as well, because it can't connect to the internet.

Slashdot Top Deals

Avoid strange women and temporary variables.

Close