WannaCry ransomware hit Windows 7 the hardest

Windows XP was vulnerable to the WannaCry worm but couldn't spread the infection further

Tom Allen
22 May 2017

Tweet
Facebook
Google plus
Send to

WANNACRY RANSOMWARE hit Windows 7 PCs the hardest, a security firm has revealed, largely because Microsoft's ageing Windows XP OS is too old to handle it.

In a survey for Reuters, BitSight found that 67 per cent of infected PCs it infected were running Windows 7, despite the OS being installed on fewer than half of Windows PCs worldwide.

Paul Pratley, of UK consulting firm MWR InfoSecurity, told Reuters that WannaCry's ability to infect other computers on the same network without human intervention appeared to be tailored to Windows 7.

Other versions of Windows were not as vulnerable, although not always for the right reasons. Windows 10 represented 15 per cent of infections, while Windows 8, 8.1, Vista and XP made up the remainder.

Windows XP, which is used across the NHS and other organisations, played a much smaller role in the spread of WannaCry than initially thought, because the system crashes before the virus can replicate. Individual computers were vulnerable to the worm component, said researchers at MWR and Kryptos, but could not spread the ransomware themselves.

More modern operating systems - those currently being supported by Microsoft - were able to download a critical security patch released on the 14 March, immunising their computers against WannaCry. However, many users failed to do so.

A security expert, who preferred not to be named, told the INQUIRER: "While we...would always recommend that patching be an integral part of your security, the reasons why IT departments occasionally fall short is because it is rarely a simple exercise... Most have heterogeneous IT environments with critical applications; they cannot roll out a patch until they have tested it to make sure that there are no unforeseen side effects."

Despite its relative ineffectiveness in spreading WannaCry, Windows XP was the subject of a free patch from Microsoft on the 12 May to protect the system. Free support for XP was ended in April 2014; the release of a non-paid patch shows how seriously WannaCry was being treated by the company.

Malwarebytes tracked the WannaCry infection across the globe as it happened - from the first reported case in Russia on Thursday evening, to an explosion of infections less than 12 hours later. The threat was not brought under control until 8pm on Friday, when the rate of spread began to slow. µ