Windows released XP in 2001, and in 2009 they ended support for it. However, in 2019, they released updated patches for Windows XP and Windows Server 2003. Why? Because they identified a vulnerability in the unsupported operating systems that hackers could exploit.
This is similar to what happened in 2017 with the WannaCry ransomware worm. The unpatched Windows XP operating system was vulnerable to malware and needed to be patched even though it wasn’t supported.
The WannaCry ransomware worm exploited vulnerabilities in older versions of Windows to encrypt computers and demand payment for decryption. When after the WannaCry malware was rampant in more than 100 countries, Microsoft decided to break from tradition and release patches for versions of Windows that were out of support.
Then, as now, Microsoft encourages users to keep up to date with patches. Of course, they also suggest that the best way to address these types of vulnerabilities is to upgrade to the latest version of Windows. However, this may not be possible for all legacy applications businesses.
Upgrade and Patching Schedule
As we’ve seen, protecting yourself from new vulnerabilities found in older software and operating system versions is crucial. Keeping up with patches and updating your equipment can keep your network safe and keep your systems operating smoothly.
However, sometimes, legacy solutions need to be kept running for business reasons. If you find yourself unable to upgrade a certain system or application due to business constraints, then at the very least, you should ensure patches are applied promptly.
Software solutions are available to assist with patch management, such as Baramundi or ManageEngine. These patch management solutions will proactively notify you of patch releases and schedule patch installation to avoid peak usage hours.
These solutions can be helpful if you have limited support staff or if you want to remove some of the repetitive workloads from your team so they can focus on other things.
Visibility for the Win
Another way to protect your network is to use a Security Information and Event Management (SIEM) solution. SIEM systems provide real-time network analysis, and alerts provide you visibility to any suspicious or malicious activity.
SIEM solutions will:
- Manage and compile logs across the network to identify threats
- Provide security alerts in real time
- Suggest remediation of identified issues
- Analyze user behavior and machine behavior for suspicious activity
- Network monitoring in real time to identify issues or threats
- Look for known threats
As with any robust security policy, visibility is essential. SIEM solutions provide visibility and notify you of any imminent threats in real time.
Unsupported Systems Can Be Vulnerable
As we saw with WannaCry a few years ago, and as we’re seeing now with Microsoft’s new patches for systems they no longer support — age can make systems vulnerable. Legacy systems and or applications or servers running on older operating systems can be a weak point that hackers will find ways to exploit.
Using a monitoring solution, such as SIEM, and keeping up with patches for all your systems, even the unsupported ones, can help keep your data safe.