Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[kitz]

From El Reg

It doesn't mean that XP was mysteriously protected by its love of BSOD

XP was very stable and certainly not known for its love of BSOD.  The whole reason XP was so popular was because of its stability and why it was continued to be used in preference to the later Vista.  It was previous operating systems that got Windows the BSOD reputation. 

Vista was a damp squib.  I have several Vista reg keys somewhere that were never really used (Bought a Vista MC licence when ordering the hardware to build a media server.    Vista MC did not play nice with some of the hardware and I eventually put XP on and it was fine.   I also bought a Medion PC that came with Vista because it sold as a package cheaper than I could buy the hardware for and build myself.   First thing I did was remove Vista and put XP on it.)   

    Windows XP with Service Pack 2 – No infection
    Windows XP with Service Pack 3 – Random blue-screen of death (BSOD) but no infection
    Windows 7 64 bit with Service Pack 1 – Infected after multiple attempts
    Windows Server 2008 with Service Pack 1 – Could not replicate infection, but reported exploited

Yet the public at large saw XP machines with the ransomware screen.   It's not just the NHS, but train announcement systems etc right in public view for all to see displaying the ransomware screen.   

Have I missed something here, because if XP machines were supposedly not infected, then why were so many of them not in the BSOD cycle but instead proclaiming for all to see that they were locked down due to the WannaCry infection and demanding a ransom?

[sevenlayermuddle]

I travel by train quite a lot, as do other folks I know.   I have yet to meet anybody, at first hand, who I trust to speak the truth, and who spotted ransomware on a station display.   By 'trust to speak the truth' I obviously exclude all journalists.

Also, put yourself in the shoes of the malware authors.   All Software has bugs and vulnerabilities, and there is no reason to think that new software has any fewer bugs than software written a decade ago.   There's always going to be a plentiful supply of nice juicy vulnerabilities in recent software, not yet reported in the field, be it Windows, Linux or Apple.   If you were in it for the money, why focus on an ancient OS like XP when there are just as many vulnerabilities in newer versions of the OS, and far more people running these versions?

[kitz]

You may have a valid point as I havent really been tracking any new developments that much over the past couple of months.  At the beginning it was assumed they were XP machines because thats what we were hearing about the NHS machines.

Kapersky has done a detailed breakdown of infected PCs - 98% of which were unpatched versions of Win7



The full report by Kryptos can be viewed here

I've not read it all, only scanned, but just look how many of the infected PCs were from China 
I can't help but wonder if there is some sort of link there.   China is massively infamous for using pirated versions of Windows therefore less likely to have Win updates installed despite the patch being released several months earlier. 

[sevenlayermuddle]

98% of which were unpatched versions of Win7

Ah yes, unpatched.  I am certainly ready to believe that some big organisations may well be not up to date with patches.  But with that I can sympathise.

When I worked for a living, as a software developer, there was often an ongoing battle between IT departments that wanted to use their admin privileges to enforce updates, and developers finding ever more creative ways to stop the updates from installing.   

For we all knew perfectly well the havoc that a flawed update can cause, especially on a critical day such as when a major release build was in progress.   Of course we understood the risks and would generally try the updates at some later point.  I can equally well imagine a less techie office manager, who's suffered in the past from a disastrous update, being reluctant to let them happen again...