Old OS are getting rusty
Wednesday, June 21, 2017
An operating system (OS) is a necessity in our digital era. When choosing an OS, we factor in its usability, stable operation, predictability, and performance. So long as it works, that’s good enough for us! That's why many people are reluctant to upgrade the platform and applications they use. And that’s quite understandable, especially if the new versions consume more system resources and offer only a few new features.
Problem number one is that the obsolete protocol WannaCry used in its attack is also used for file sharing and in large logistics networks. Some places have managed to upgrade to newer versions, but that requires a lot of effort and can cause a cascade of failures, since all previously adopted workarounds become inapplicable. Simply disabling SMB can cause trouble too. One obvious problem: having to manually attend to 150 devices (of different brands, with different firmware and different control interfaces) because there is no way to access them all remotely from a single control center. And one would also need security department authorisation to access system-critical settings on each device.
In their turn, OS developers can't maintain older versions indefinitely. That involves paying programmers, who could otherwise be engaged in important projects, to design workarounds that would make their software operational on older hardware and to review code no one even remembers. In short, it’s expensive.
As a result, companies regularly discontinue support for older OS and, specifically, cease to release security updates for them.
Because of the WannaCry outbreak, Microsoft made an exception and rolled out security patches for its unsupported OS, namely Windows XP, Windows Server 2003 and Windows 8. But the patches only resolve the EternalBlue security issue; no patches that would thwart other vulnerability exploits (e.g. EnglishmanDentist, EsteemAudit and ExplodingCan) were released. According to Microsoft, those exploits won't work under the Windows versions it still supports and, therefore, systems running Windows 7 and later do not run the risk of coming under attack. Meanwhile, users who prefer Windows XP and other outdated versions should brace themselves for WannaCry-2. Maybe then the patches will be released.
EsteemAudit exploits a Remote Desktop Protocol (RDP) vulnerability on Windows Server 2003 / Windows XP computers.
Windows XP still accounts for 7% of the operating systems currently in use. Experts estimate that over 600 nodes, hosting over 175 million websites, still run Windows Server 2003.
The Anti-virus Times recommends
Unsupported operating systems and applications are like time bombs. No matter how user-friendly our old applications are, alas, they must be discarded if we want to sleep soundly. Many people don't turn off their computers before going to bed, and if a worm outbreak occurs, they can wake up in the morning to see a ransom demand.
But what can you do if you can’t upgrade to a newer version?
- Install an anti-virus. It won't patch unknown loopholes, but malware won't be able to run in the system.
- Delete the software you don't use and shut down unnecessary services. Fewer programs offer fewer targets for a potential attack.
- Configure the firewall—create a list of applications that are allowed Internet access and close ports that aren't being used, such as the one that by default facilitates remote access.
- Back up important information regularly.
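One way to check the services and firewall items above on a legacy host, as an added example that is not part of the original article: the script parses `netstat -ano` output and flags SMB and RDP listeners that are reachable from the network. The sample output is constructed, and the names `exposed_listeners`, `RISKY_PORTS` and `SAMPLE_NETSTAT` are this example's own.

```python
"""Audit `netstat -ano` output from a legacy Windows host for exposed SMB/RDP listeners."""

# Ports tied to the services this article names: SMB (WannaCry/EternalBlue)
# and RDP (EsteemAudit). Port 139 is the NetBIOS session service, which also carries SMB.
RISKY_PORTS = {139: "SMB over NetBIOS", 445: "SMB", 3389: "RDP"}
LOOPBACK = ("127.", "[::1]")

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1044
  TCP    127.0.0.1:1027         0.0.0.0:0              LISTENING       1500
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:1065      192.168.1.5:445        ESTABLISHED     4
  UDP    0.0.0.0:445            *:*                                    4
"""

def exposed_listeners(netstat_text):
    """Return sorted (port, service, local_address, pid) for risky TCP listeners."""
    findings = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # A TCP listener row has exactly: Proto, Local, Foreign, State, PID.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        local = fields[1]
        addr, _, port_text = local.rpartition(":")
        if not port_text.isdigit() or not fields[4].isdigit():
            continue
        port = int(port_text)
        # Loopback-only listeners are not reachable from the network.
        if port in RISKY_PORTS and not addr.startswith(LOOPBACK):
            findings.add((port, RISKY_PORTS[port], local, int(fields[4])))
    return sorted(findings)

if __name__ == "__main__":
    for port, service, local, pid in exposed_listeners(SAMPLE_NETSTAT):
        print(f"{service:17} port {port:<5} listening on {local} (PID {pid})")
```

Each flagged listener is a candidate for a firewall block rule or for shutting down the owning service; the PID column identifies which process holds the port.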