Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Microsoft Withheld Update That Could Have Slowed WannaCry: Report

American software giant Microsoft held back from distributing a free security update that could have protected computers from the WannaCry global cyber attack, the Financial Times reported Thursday.

American software giant Microsoft held back from distributing a free security update that could have protected computers from the WannaCry global cyber attack, the Financial Times reported Thursday.

In mid-march, Microsoft distributed a security update after it detected the security flaw in its XP operating system that enabled the so-called WannaCry ransomware to infiltrate and freeze computers last week.

But the software giant only sent the free security update — or patch — to users of the most recent version of the Windows 10 operating system, the report said.

Users of older software, such as Windows XP, had to pay hefty fees for technical support, it added.

“The high price highlights the quandary the world’s biggest software company faces as it tries to force customers to move to newer and more secure software,” it said.

A Microsoft spokesperson based in the United States told AFP: “Microsoft offers custom support agreements as a stopgap measure” for companies that choose not to upgrade their systems.

Advertisement. Scroll to continue reading.

“To be clear, Microsoft would prefer that companies upgrade and realise the full benefits of the latest version rather than choose custom support.”

According to the FT, the cost of updating older Windows versions “went from $200 per device in 2014, when regular support for XP ended, to $400 the following year,” while some clients were asked to pay heftier fees.

The newspaper argued the high costs led Britain’s National Health Service — one of the first victims of the WannaCry attack — to not proceed with updates.

Microsoft ended up distributing the free patch for the older versions on Friday — the day the ransomware was detected.

Although the announcement was “too late to contain the WannaCry outbreak,” the report said.

Microsoft did not confirm to AFP when it made the patch free.

A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, according to Kaspersky Lab, a Russian cybersecurity provider. jc-at/har MICROSOFT

Written By

AFP 2023

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.