Microsoft offers MS17-010 patch for Windows XP to stop Wcry worm

Posted on Saturday, May 13 2017 @ 11:55 CEST by Thomas De Maesschalck
MS logo
As I wrote yesterday, lots of businesses around the world got hit by a piece of ransomware that exploits a Windows Server Message Block (SMB) bug to spread automatically through networks. Microsoft patched this flaw two months ago and now the company made the unusual decision to issue this update for unsupported versions of Windows to help stop the spread of the Wcry worm (aka WannaCry and Wana Decrypt0r).

Despite having reached the end of its life over three years ago, Microsoft just rolled out the MS17-010 patch for Windows XP. Additionally, other unsupported versions of Windows like Windows 8 and Windows Server 2003 also received the patch.
"Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download," Microsoft said in a statement. "This decision was made based on an assessment of this situation, with the principle of protecting our customer ecosystem overall, firmly in mind."

Researchers believe that Wana Decrypt0r — also referenced online as WCry, WannaCry, WannaCrypt, and WanaCrypt0r — infected over 78,000 computers.
Interestingly, the Wcry outbreak was stopped yesterday evening as a security researcher from MalwareTech discovered a domain name inside the code of the worm. This domain name was not registered so the security researcher decided to register the domain ( to see what would happen.

Much to his surprise, he had accidentally stumbled upon a kill switch. The worm makes a pre-infection check to the domain and stops the infection process if the domain exists. Nice job!

However, this is just a temporary fix as by changing a couple of lines of code the attacker can create a new strain of the worm. The only solution is to ensure your system or systems are fully patched.

Full details at Bleeping Computer.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments