Microsoft Issues Critical Windows XP Patch To Protect From State-Sponsored Cyberattacks

Microsoft is not wavering on its decision to stop supporting Windows XP as a whole, though apparently it will on occasion release security updates for the legacy operating system, presumably for the greater good. We saw this just last month when Microsoft patched Windows XP to protect users against the WannaCry ransomware outbreak. Now it has released another security update for Windows XP, this time due to the "heightened risk of exploitation" by copycats.

In a sense, WannaCry can be considered a wake-up call for the security industry at large. As it pertains to Microsoft, the Redmond giant fears that foreign government agencies might follow in the footsteps of WannaCry and go on the offensive. Rather than wait for that to happen, Microsoft is taking the proactive step of issuing a security update for virtually all Windows platforms dating back to Windows XP.

Windows XP Bandaid

At the same time, Microsoft warns that issuing security updates for unsupported OSes is still going to be a rare thing.

"Our decision today to release these security updates for platforms not in extended support should not be viewed as a departure from our standard servicing policies. Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly. As always, we recommend customers upgrade to the latest platforms," Microsoft said.

Microsoft still recommends running a modern OS and obviously the company would love it if everyone upgraded to Windows 10. Newer OSes, and in particular Windows 10, are outfitted with advanced security features not found in previous versions of Windows.

Be that as it may, Microsoft's decision to issue yet another security patch for Windows XP could have unintended consequences, such as further delaying an IT department from recommending a wholesale upgrade to Windows 10. So long as Microsoft continues to protect Windows XP from the more serious threats in the wild, IT admins and businesses looking to save a few bucks can justify putting off an upgrade.

There is an excellent write-up by Peter Bright over at Arstechnica that covers this aspect in detail. Along with that is a sobering comment by one of the readers on another unintended consequence.

"Gotta say I agree with Peter on this one; I've already had two follow-up calls from clients pretty much telling me that they don't trust my advice anymore, since I've been reiterating over and over that Windows XP wouldn't be receiving any more patches after the April date for the past year," a reader wrote.

It is a tough situation for Microsoft. The alternative is to ignore Windows XP, but in going that route, a well orchestrated cyberattack could turn those vulnerable PCs into zombies or botnets that are used to attack other platforms.