In two blog posts today [1, 2], Microsoft announced it issued new security patches for Windows XP users to protect them against "potential nation-state activity" that could cause "destructive cyber attacks" similar to the WannaCry outbreak that hit users last month.
These XP patches have been included with Microsoft's June 2017 Patch Tuesday, which the company released a few hours ago.
Besides XP, Microsoft also released patches for Windows Server 2003. Patches for these operating systems are rare since they both reached their end-of-life many years before, and Microsoft has officially stopped providing security updates for both OS versions.
Previously, Microsoft released a special out-of-band security update for XP and Server 2003 in May this year, after the WannaCry ransomware outbreak, patching XP and Server 2003 against exploitation via the ETERNALBLUE SMB exploit.
ETERNALBLUE was only one of the many Windows hacking tools dumped online by the Shadow Brokers in April. Back then, Microsoft announced it patched most of the exploits but decided not to fix three because they impacted only users running older Windows versions, such as XP and Server 2003.
The NSA hacking tools that did not receive a patch were ENGLISHMANSDENTIST (Outlook), EXPLODINGCAN (IIS 6.0), and ESTEEMAUDIT (RDP). Microsoft confirmed today that it patched these three flaws in the eight XP and Server 2003 security updates it released as part of the June 2017 Patch Tuesday.
Below is a table with links to all the updates Microsoft released today for Windows XP, Windows XP Embedded, and Windows Server 2003.
|All CVEs from MS17-013||KB4012583|
|CVE-2017-0267 to 0280||KB4018466|
At the end of May, security firm enSilo released an unofficial third-party patch to protect Windows XP and Windows Server 2003 users against the ESTEEMAUDIT hacking tool.