New
#1
Was Windows 7 inherently vulnerable or was it chosen as the most widespread target in environments were security should have been better?
One week after it first hit, researchers are getting a better handle on how the WannaCry ransomware spread so quickly — and judging from the early figures, the story seems to be almost entirely about Windows 7.
According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections...
Tweet
— Twitter API (@user) View on Twitter
Read more: Almost all WannaCry victims were running Windows 7 - The Verge
See also: Microsoft - Customer Guidance for WannaCrypt attacks - Windows 10 Forums
Was Windows 7 inherently vulnerable or was it chosen as the most widespread target in environments were security should have been better?
Probably not surprising considering Windows 7 is still the most widely used Microsoft OS worldwide.
And, even though Microsoft did release a security update for this back in March, a lot of people probably didn't patch possibly due to having Windows Update turned off completely to avoid Windows 10 during the GWX 'campaign' (which is still ongoing, in my opinion) and they never turned updates back on again or even bothered checking for updates any more.
I'm guessing many Win 7 users have chosen to not update their PCs due to being alienated by GWX, snooping, etc.
Best approach is to install the security-only rollups then use Windows Update to get patches for .NET, Office, and other software.
I've been doing the monthly security updates, and, as of this month IE as well. Is this sufficient? Or are there other vulnerabilities (Live Mail, Office, etc?).
I ditched live mail when MS stopped supporting it last year. Switched to Thunderbird now as it gets regular updates. Not sure I'd feel comfortable running any software which hasn't been updated in 5 years these days. I don't really know how much of a security risk live mail is though?
Plus, it didn't seem to handle IMAP well on one of my accounts. Never could work out why. Messages kept disappearing and reappearing and not synching properly. Haven't had any issues since I switched to TB though.
So long as you're keeping up to date with security updates (including IE even if it is disabled), and keeping all security software updated.
Yes the attack was on Windows 7 because it is the most used.
The hacker gets a bigger bang for their buck.
Not Updating your system is the problem. The biggest reason some people are not updating Windows 7 was caused by Microsoft's beating users about the head and shoulder over that damn free W-10.
Both my system have all their needed updates, (rollups).
One system I had to do a Repair Install just to get Windows updates to work properly again. I had done so much tweaking just to stay away from W-10 I cause problems.
My systems are back to getting updates as they did before the W-10 (GWX) garbage.
What ever updates come from Microsoft concerning Windows 7 and security I install.
I leave drivers and such up to my inspection and choice.
So in my opinion Windows 7 updates are safe once again to install and I recommend doing so.
Jack