Almost all WannaCry victims were running Windows 7

mjf · 19 May 2017

Was Windows 7 inherently vulnerable or was it chosen as the most widespread target in environments were security should have been better?

CarlSD · 19 May 2017

Probably not surprising considering Windows 7 is still the most widely used Microsoft OS worldwide.

And, even though Microsoft did release a security update for this back in March, a lot of people probably didn't patch possibly due to having Windows Update turned off completely to avoid Windows 10 during the GWX 'campaign' (which is still ongoing, in my opinion) and they never turned updates back on again or even bothered checking for updates any more.

Brink · 19 May 2017

Yep, basically a user issue not keeping Windows Updated.

tetraps · 19 May 2017

I'm guessing many Win 7 users have chosen to not update their PCs due to being alienated by GWX, snooping, etc.

Best approach is to install the security-only rollups then use Windows Update to get patches for .NET, Office, and other software.

RoasterMen · 19 May 2017

This is obviously the reason why the attackers chose Windows 7 users.

MeOnMine · 19 May 2017

It was probably arranged that way !

michael diemer · 19 May 2017

I've been doing the monthly security updates, and, as of this month IE as well. Is this sufficient? Or are there other vulnerabilities (Live Mail, Office, etc?).

Brds7t7 · 20 May 2017

michael diemer said:

I've been doing the monthly security updates, and, as of this month IE as well. Is this sufficient? Or are there other vulnerabilities (Live Mail, Office, etc?).

I ditched live mail when MS stopped supporting it last year. Switched to Thunderbird now as it gets regular updates. Not sure I'd feel comfortable running any software which hasn't been updated in 5 years these days. I don't really know how much of a security risk live mail is though?

Plus, it didn't seem to handle IMAP well on one of my accounts. Never could work out why. Messages kept disappearing and reappearing and not synching properly. Haven't had any issues since I switched to TB though.

So long as you're keeping up to date with security updates (including IE even if it is disabled), and keeping all security software updated.

Layback Bear · 20 May 2017

Yes the attack was on Windows 7 because it is the most used.
The hacker gets a bigger bang for their buck.

Not Updating your system is the problem. The biggest reason some people are not updating Windows 7 was caused by Microsoft's beating users about the head and shoulder over that damn free W-10.

Both my system have all their needed updates, (rollups).
One system I had to do a Repair Install just to get Windows updates to work properly again. I had done so much tweaking just to stay away from W-10 I cause problems.

My systems are back to getting updates as they did before the W-10 (GWX) garbage.
What ever updates come from Microsoft concerning Windows 7 and security I install.
I leave drivers and such up to my inspection and choice.

So in my opinion Windows 7 updates are safe once again to install and I recommend doing so.

Jack