Stories
Slash Boxes
Comments

SoylentNews is people

Microsoft Patches XP to Avoid Another WannaCrypt

posted by n1 on Wednesday June 14 2017, @01:09PM   Printer-friendly
from the until-next-time dept.

MrPlow writes:

Submitted via IRC for Bytram

Microsoft regularly issues security updates, but it added a little something extra on Tuesday: it's letting all customers, even those using older versions of Windows, update their software.

This move is an attempt to avoid another ransomware outbreak like WannaCry, also called WannaCrypt, which rocked the web last month.

"The WannaCrypt ransomware served as an all too real example of the danger of cyber attacks to individuals and businesses globally," Adrienne Hall, general manager of Microsoft's Cyber Defense Operations Center, wrote in a blog post. "In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations."

Microsoft said it made the decision to apply this assortment of updates to provide further protection against potential attacks with similar characteristics as WannaCrypt. The security updates will be delivered automatically through Windows Update to devices running Windows 10, Windows 8.1 and Windows 7.

Source: CNET

Also at Ars Technica

Original Submission

 
This discussion has been archived. No new comments can be posted.
Microsoft Patches XP to Avoid Another WannaCrypt | Log In/Create an Account | Top | 34 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by zocalo on Wednesday June 14 2017, @03:09PM (1 child)

    by zocalo (302) on Wednesday June 14 2017, @03:09PM (#525464)
    Pretty sure this is some function of OWA specifically; the Windows Outlook client does not appear to do the same mangling. My assumption when I first saw it after being forced to use a client's OWA system was that it was some form of tracking or a side-effect of some other heinous shit MS was doing with OWA. Anyway, it turned out to be a fairly simple and constant prefix to the actual URL, so I just cobbled together some GreaseMonkey code to strip it out of the HTML presented by OWA and that was that. :)
    --
    UNIX? They're not even circumcised! Savages!
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by jdccdevel on Wednesday June 14 2017, @06:10PM

    by jdccdevel (1329) on Wednesday June 14 2017, @06:10PM (#525557) Journal

    I noticed a while back that links in certain SPAM email had that OWA specific mangling done at the source. (I wouldn't touch OWA with a 50ft pole, but incoming email already had the links mangled.)

    I suspect spammers were exploiting some loophole preventing proper scanning of OWA enabled links by A/V software for people using it. (or maybe some sort of email verification via outlook url pre-fetching, who knows.)

    I spent an hour or so that afternoon working out what was going on and setting up a rule to block email with the OWA style links entirely.

    I haven't seen one since so I'm not sure if that sort of SPAM is still a thing.

    The only possible use I can think of for such url mangling is running a proxy on the email server. I bet it's so if you're running a local copy on a PC with filtered web access, you can still get remote content (pictures and such) in the email.

    If that's what's going on, I bet someone is already exploiting it to bypass web filters... wouldn't that be a security nightmare!

    But that's all speculation on my part. Regardless it seems like one more potential exploit waiting to happen.