It made it public only after the global outburst started

May 17, 2017 11:40 GMT

The world is recovering from the WannaCry ransomware party, and everyone seems to be praising Microsoft for how fast it reacted to block the infection on systems that no longer receive support, including the still hugely popular Windows XP.

Even though it reached end of support in April 2014, Windows XP received an emergency patch on Friday night in order to block WannaCry, as supported systems like Windows 7, 8.1, and 10 were already protected thanks to updates released earlier this year during the monthly Patch Tuesday cycle.

But according to a report from The Reg, the Windows XP patch that users received over the weekend was actually built in February, an indication that Microsoft was aware of the vulnerability but only patched it for unsupported Windows versions once things went south.

Specifically, it appears that Microsoft was informed of the security vulnerability in January, with people familiar with the matter telling the company that a security flaw owned by the NSA had been stolen and was likely to be published online. The software giant started work on a patch and, in March, two months later, shipped it to systems that still received support, namely Windows Vista, Windows 7, Windows 8.1, and Windows 10. This means that the patch was developed a few weeks earlier, most likely in February.

In April, however, the Shadow Brokers hacking group decided to go public with the exploits stolen from the NSA, and in May the WannaCrypt ransomware started making the rounds, compromising thousands of computers using one of the leaked vulnerabilities.

Patches created in mid-February

The aforementioned source says the Windows XP patches were created on February 11, while the Windows 8 version was ready on February 13. Microsoft, however, held them back from the general public, as there was no indication that a large-scale attack like WannaCry was about to start.

The patches were, on the other hand, released to customers paying for custom support: Microsoft still issues updates under custom support licenses to enterprises that pay a fortune for them because they have yet to upgrade.

So last week, Microsoft simply made public a patch it had created for paying customers back in February, and this is one of the reasons its reaction was so fast.

Can Microsoft be accused of publishing the update too late when the house was already on fire? It depends on whether you see the glass half full or half empty. In the end, Microsoft wasn’t by any means forced to patch unsupported systems, so even if it arrived at a later time, the update still came in very handy.