Slashdot Mirror


Almost All WannaCry Victims Were Running Windows 7 (theverge.com)

An anonymous reader quotes a report from The Verge: According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections. Windows 7 is still by far the most common version of Windows, running on roughly four times as many computers as Windows 10 worldwide. Since more recent versions of Windows aren't vulnerable to WannaCry, it makes sense that most of the infections would hit computers running 7. Still, the stark disparity emphasizes how small of a role Windows XP seems to have played in spreading the infection, despite early concerns about the outdated operating system. The new figures also bear on the debate over Microsoft's patching practices, which generated significant criticism in the wake of the attack. Microsoft had released a public patch for Windows 7 months before the attack, but the patch for Windows XP was only released as an emergency measure after the worst of the damage had been done. The patch was available earlier to paying Custom Support customers, but most XP users were left vulnerable, each unpatched computer a potential vector to spread the ransomware further. Still, Kaspersky's figures suggest that unpatched XP devices played a relatively small role in the spread of the ransomware.


  1. Win X Upgrade by Anonymous Coward · · Score: 5, Insightful

    If MS hadn't tried to force Win10 down Win7 users' throats maybe more would have been installing patches.

    1. Re: Win X Upgrade by TWX · · Score: 4, Insightful

      You've obviously never worked enterprise IT. You don't roll out new versions of anything until they're thoroughly tested, and sometimes you find that you can't roll out a new version of some software because other mission-critical software is not compatible with whatever new thing you're trying.

      Case in point, all of those ATMs and Point of Sale systems that are still running XP, that Microsoft is still supporting.

      Windows 7 has more support for legacy applications than 8/8.1, and Windows 10 has even less support than 8/8.1. If those legacy applications provide the profit or are otherwise of primary importance to the organization then it does not make sense for the organization to change software. The operating system is merely a means to an end, not the end itself.

      --
      Do not look into laser with remaining eye.
    2. Re: Win X Upgrade by mea_culpa · · Score: 4, Informative

      Microsoft broke Windows Update on Windows 7 soon after the Windows 10 Upgrade window closed with some botched updates.
      Windows 7 computers that didn't take the update were treated with a runaway svchost.exe process that consumed 100% of a core and near a GB of RAM while halting future updates at the same time. The only way to get performance back was to disable Windows Update. Even reloading Windows 7 from scratch didn't solve the problem. Updates would never come, and svchost.exe was stuck at 100% and massive amounts of memory. Microsoft let this problem linger for months probably in the hopes that users would upgrade to 10. Others here have suggested that it was due to MS not releasing roll-up updates and letting the library grow beyond what Windows Update was able to process. Since the April 2017 security patch Microsoft has begun roll-up updates to solve this problem.

      This is 100% Microsoft's fault.

  2. monocropping by goombah99 · · Score: 4, Insightful

    Monocropping leads to viruses whether agricultural or operating systems. Not much more to be said than that other than to point out Intels are the ultimate monocrop and they have a gigantic backdoor called the Management Engine.

    In the age of global terrorism, one can expect engineered viruses for agriculture and computers to only increase till something we can't get past comes along. Then we'll act in hindsight.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  3. Here is a possible explanation by Anonymous Coward · · Score: 5, Interesting

    Windows updates stopped working on my Windows 7 machine about September last year and nothing except for a complete reinstall seems to get it working again - neither Microsoft repair tools, nor 3rd party tools, nothing. It just rolls back every update as failed for almost a year, and I guess I'm not the only one with this problem. So of course the latest patches are not installed.

  4. Re:Pirated versions by ewhac · · Score: 4, Insightful

    ...most of the infected computers were running pirated versions.

    [Citation required]

  5. Re:Of course... by Zumbs · · Score: 4, Insightful

    Which was all nice and dandy until Microsoft decided to ram Windows 10 down everyone's throats. I can fully understand the annoyed users who simply disabled Windows Update because of those nasty practices on the part of Microsoft. Trust is easily lost and hard to regain.

    --
    The truth may be out there, but lies are inside your head
  6. Re:Pirated versions by Anonymous Coward · · Score: 4, Interesting

    What doesn't get reported often enough is that pirated versions of Windows cannot be patched

    Actually, yes they can.

    and most of the infected computers were running pirated versions.

    Alright... you just completely made that up, didn't you?

  7. Re:MS Broke Windows 7 Updates by sniper86 · · Score: 5, Informative

    Someone wrote an automated tool to install all KBs to fix Windows Update for Win 7:

    https://answers.microsoft.com/...

    Worked on all 3 machines I used it on, in various WU states (endless loop, failing to install).

     

  8. Re:Why not patched? by Kjella · · Score: 4

    Same reasons as always. Lazy and incompetent IT staff at corporations, low knowledge techies that disable Windows Update, long beards who only install certain updates manually after reading the associated KB article and self-determining whether or not they need an update. This is one of the reasons that Microsoft set Windows Update to be automatic in Windows 10. It makes the OS much safer and generally makes the internet safer as a whole.

    And if they put in a safe, encased the safe in concrete and dumped it at the bottom of the ocean it'd be even safer. Not very user-friendly though, neither is the force-feeding of random feature updates at inconvenient times. They could have had a category for "Security bulletins and critical updates" that contained only tiny, to-the-point patches for exploits and other big malfunctions, no feature upgrades, no license checks, no trivial extras just the absolute minimum no sane user should disable and 99% of this problem would go away. I'm happy running an OS from 2009. Before that I was running an OS from 2001. I don't need feature updates twice a year and particularly not GUI makeovers.

    I realize though that having a zillion combinations of patches might be a pain to support, so here's what I'd like to have seen:
    1. Microsoft releases version A. You can either stay on stable branch A or get rolling updates A*.
    2. After 4 years Microsoft takes the current setup, calls it B. You now have three supported configurations A, B, B*.
    3. After 8 years Microsoft takes the current setup, calls it C. You now have four supported configurations A, B, C and C*.
    4. After 10 years support for A ends, before that you should migrate to B, C or C*.
    From there they'd just bounce between 3-4 supported configurations of N-2, N-1, N and N*.

    Most importantly still regardless of when it's updated everything should come with an off switch. I don't mind if Microsoft asks for telemetry. I have a problem with Microsoft demanding telemetry. It's like my car dealer refusing to service the car unless I've kept a log of how I've used it. I could almost live with that if you had to find some obscure setting only 0.01% would turn off. But it's when you deny me that choice this smells really foul. Not that I expect Microsoft to do anything really ugly until most people are on Win10 and can't disable the updates.

    --
    Live today, because you never know what tomorrow brings