Microsoft had a patch ready to protect older Windows XP systems from WannaCry ransomware but delayed its release to promote its own custom support programme.
The delay in implementation of Microsoft’s free security patch helped spread the malware’s reach to 150 countries.
According to a report published in The Financial Times, Microsoft had a free security patch ready to deal with WannaCry ransomware but delayed its implementation until late on Friday. This security patch was exclusively for vulnerable and outdated systems like Windows XP but Microsoft delayed it to promote its own ‘custom support’ programme.
Microsoft’s custom support programme offers regular security patches to outdated systems against fees which can run up to $1,000 a year. However, Microsoft has also been quite vocal in urging users of such systems to upgrade to the latest Windows software which offers the best protections.
“Recognizing that for a variety of business reasons, companies sometimes choose not to upgrade even after 10 or 15 years, Microsoft offers custom support agreements as a stopgap measure,” said Microsoft to CNET.
“To be clear, Microsoft would prefer that companies upgrade and realize the full benefits of the latest version rather than choose custom support. Security experts agree that the best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations. Older systems, even if fully up-to-date, simply lack the latest protections,” the company added.
The WannaCry ransomware has so far affected over 200,000 systems across 150 nations but hackers behind it have warned that they will launch more malicious codes in June to hack into more computers and phones around the world. The hackers have also claimed that they will dump data from central banks using the SWIFT international money transfer network and will also access data related from nuclear and missile programmes of countries like China, Russia, Iran and North Korea.
Earlier this week, Microsoft stressed that it had taken all possible measures to thwart the ransomware attack. The company bemoaned that even though it released a security patch back in March, many systems around the world continue to remain unpatched. At the same time, the company has constantly been updating its Advanced Threat Protection service to detect and disrupt cyber-attacks and is also offering support to outdated systems on a regular basis.
“We take every single cyber-attack on a Windows system seriously, and we’ve been working around the clock since Friday to help all our customers who have been affected by this incident. This included a decision to take additional steps to assist users with older systems that are no longer supported. Clearly, responding to this attack and helping those affected needs to be our most immediate priority,” said the company.