Brace yourselves, is another Wannacry on the horizon?

When Microsoft issue patches for stuff that's well out of date like Windows XP, it normally means that they have got wind that there's something bad on the horizon.

Why else batten down the hatches on software that they stopped supporting years ago? Have they got wind of critical systems still using old unpatched versions of their operating system? Is this another WannaCry type incident waiting to happen?

Microsoft has taken the highly unusual step of releasing a patch for a major vulnerability that covers older, unsupported versions of Windows, XP and Windows 2003. – more info here

‘Microsoft's latest patch Tuesday release which includes security patches for the out-of-support Windows XP and Server 2003 platforms demonstrates the level concern for Microsoft to actively release fixes for operating systems that came to end of life over 5 years ago. It also acknowledges a deeply worrying reality that these operating systems are still in use across businesses and industry. Have the lessons of WannaCry not been learnt and implemented?

The inherent risk to an organisation from using unsupported and vulnerable software is a very real one and should be of great concern. Cyber attackers will waste no time in exploiting the weakest link and, as in the case of WannaCry, the effects can be devastating to business and people.

In the current climate of data breaches, ransomware and legislation such as GDPR, organisations need to be proactively taking steps to ensure and demonstrate improvements in security,’ said Sachin Bhatt, XQ Cyber’s CISO & Head of Incident Management.

Patch Management with CyberScore™

CyberScore™ makes patch management quick and easy. Simply schedule a scan (ideally every month) and voila it will detect any vulnerable software on your networks allowing you to quickly implement an effective patch management strategy.

CyberScore™ also allows you to:

  • Continuously understand your cybersecurity posture
  • Track your progress and watch your cyber health improve as mitigation measures are implemented
  • Track cyber risks across supply chains and third parties without the need for consultants or questionnaires
  • Set minimum standards, hold suppliers and service providers to account
  • Dispense with impenetrable reports. Instead, receive a clear and concise Get Well Plan that can be shared with staff and service providers
  • Dramatically reduce the cost and improve the quality of compliance penetration testing

XQ Cyber also offers a range of incident response and consultancy services such as Penetration Testing, Cyber Posture Assessments and Incident Response preparedness and testing.

Follow us on FacebookTwitter and LinkedIn and sign up to our newsletter