Microsoft and the NSA have each been blaming the other for WannaCrypt's ability to spread by exploiting a vulnerability in SMBv1. Microsoft considers the NSA's decision not to share the vulnerabilities exploited by its EternalBlue tool with Microsoft and various other security companies to be the cause of this particular outbreak. Conversely, the fact is that while Microsoft developed patches to address this vulnerability for versions of Windows including WinXP, Server 2003, and Windows 8 RT back in March, it did not release the patches for legacy OSes until the outbreak was well underway.
Perhaps the most compelling evidence of where the blame lies is the number of systems that should not have been vulnerable but were hit because the available patches were never installed.
These three problems have left us in the pickle we find ourselves in this week: the NSA wanting to hoard vulnerabilities so it can exploit them for espionage; Microsoft ending support for older products because it is a business and does not find it profitable to support products a decade or more after release; and users not taking advantage of available updates. On the plus side, this outbreak does have people patching, so we have that going for us.
"Speaking of hoarding, though, it's emerged Microsoft was itself stockpiling software – critical security patches for months."
Here is some more Tech News from around the web:
- Ransomware scum have already unleashed kill-switch-free WannaCrypt variant @ The Register
- Intel, Samsung join Apple, FTC firing squad against rival Qualcomm @ The Register
- TSMC capacity utilization ramping up @ DigiTimes