Hacker Neue

Preferences
kemotep parent
It only took about 7 years between XP’s EOL and EternalBlue based attacks like Wannacry and NotPetya.

A well configured firewall between your computer and the internet, uBlock Origin in the browser, and not downloading untrusted files off the internet can do a long way to help. Not stopping everything but at least shielding you from the worst.

I think the bigger issue is like on iPhones and Androids. Your software and apps stop supporting your OS long before the hardware or OS fails you.

frollogaston
Didn't WannaCry affect newer Windows versions equally? And they even backported the patch to XP.
kemotep OP
It affected anything using SMBv1 and improperly configured SMBv2. SMBv3 requires all mitigations in place

Which from what I understand is that even Windows 11 still has support for SMBv1.

But my point was that your standard “up to date” XP install in 2016 was highly vulnerable and could effectively be nuked by such an attack. It took nearly 7 years after support ended for that to happen. So you could theoretically get another 7 years out of Windows 10 before a similar situation happens where a global cyberattack negatively impacts you with no way to protect yourself because your OS doesn’t support a configuration that would prevent you from being a victim.

frollogaston
I see. But even after the 7 years, XP users were still able to protect themselves from WannaCry once the patch was created. Or they could've disabled SMB even before that, good idea anyway.

Btw I do have a spare PC, it only got Win10 because the GPU didn't support 7, and it's not getting 11 even though it supports it. Microsoft's job to keep that secure.

kemotep OP
Well I would hardly say that protections against being obliterated in a global ransomware attack that comes out after the ransomware attack occurs helps the victims that much but yes it is possible if there is another massive cyber attack Microsoft could release a fix for 10 years after support has ended.

It is definitely possible to heavily lockdown a Windows computer to prevent 99% of attacks and if you don’t need WAN access especially that becomes significantly easier.

It is far more likely browsers will drop support for 10 in a few years and that will be what stops the average user from being able to continue to use their Windows 10 computer.

frollogaston
Ah, I missed the part where the vuln had already been patched for newer versions before it was patched for XP, it's just that many didn't install the patches. Although, the exploit happened to not be compatible with XP just because the creator didn't bother. Security through poverty (jk)
p_ing
SMBv1 is not installed by default on Windows 11 (and I believe) Server 2025. You have to enable it as an optional feature.

This item has no comments currently.