Windows XP Computers Were Mostly Immune To WannaCry

An anonymous reader quotes a report from The Verge: Windows XP isn't as vulnerable to the WannaCry ransomware as many assumed, according to a new report from Kryptos research. The company's researchers found that XP computers hit with the most common WannaCry attack tended to simply crash without successfully installing or spreading the ransomware. If true, the result would undercut much of the early reporting on Windows XP's role in spreading the globe-spanning ransomware. The core of WannaCry is a vulnerability in a Windows file-sharing system called SMB, which allowed WannaCry to spread quickly across vulnerable systems with no user interaction. But when Kryptos researchers targeted an XP computer with the malware in a lab setting, they found that the computers either failed to install or exhibited a "blue screen of death," requiring a hard reset. It's still possible to manually install WannaCry on XP machines, but the program's particular method of breaking through security simply isn't effective against the older operating system. The worst-case scenario, and likely scenario," the Kryptos report reads, "is that WannaCry caused many unexplained blue-screen-of-death crashes." While they cut against much of the early analysis of WannaCry, Kryptos' findings are consistent with early research from Kaspersky Lab, which found that Windows XP accounted for an "insignificant" percentage of the total infections. Kaspersky found the bulk of infections on machines running Windows 7 or Windows Server 2008.

Who knew...

[__aaclcg7560]

That WinXP was reliable by crashing?

Re:Who knew...

[Scarred+Intellect]

That WinXP was reliable by crashing?

We've been joking for years, saying BSOD was a feature and not a bug.

I guess the joke's on us.

Re: Who knew...

[sexconker]

I think you mean Windows 98 SE.

Just like Battlestar Galactica...

[DidgetMaster]

Old outdated technology is immune to the modern virus.

Re:Cool, but still not worth it

[CaptainDork]

Use a registry hack to tell your XP that it's an embedded computer, much like an ATM or POS:

Windows XP registry hack keeps security updates rolling for the dead operating system

World War Z

Immune like that kid who was already dying so all the zombies ran around him.

It's a lack of installing updates.

[viperidaenz]

The majority of the spread was caused by Windows 7 machines, several months after security updates were released.

In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Update enabled are protected against attacks on this vulnerability. For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Release March 14: Microsoft Security Bulletin MS17-010 - Critical

Re:It's a lack of installing updates.

[BadDreamer]

And the main reason people turn off updates on Windows 7 is - Microsoft's underhanded Windows 10 upgrade tactics.

When they treat an automatic unattended unwanted upgrade as a critical update, they're teaching users to not accept critical updates.

If they had handled the Windows 10 updates in a mature manner, the impact of WannaCry would have been much, much lesser.

So, Wired was lying

[Antiocheian]

So what does that mean for Brian Barrett and the Wired ? Impunity in the mainstream is the main cause for Fake News. Wired should have apologized for publishing nonsense.

Nice

[nospam007]

My Windows 3.1 machine is safe as well, because it can't connect to the internet.