Microsoft’s free custom support could have stopped WannaCrypt

May 18, 2017


Blaming Microsoft for not providing free custom support to its customers who were using old Windows software that may have slowed down the WannaCrypt attack, a media report said that the tech giant charged a fortune for custom support for older versions, including Windows XP that was discontinued in 2014.

According to a report in Financial Times on Thursday, issuing free custom support would have protected the computers from the ransomware attack.

“But users of older software, such as Windows XP, have to pay hefty fees for so-called ‘custom’ support. The cost went from $200 per device in 2014, when regular support for XP ended, to $400 the following year. It jumped to $1,000 after that,” the report said.

While Microsoft offered deals for government agencies during the first year after the support for Windows XP was over, it charged the customers, including Britain’s National Health Service (NHS), for the custom support.

NHS, however, abandoned the custom support for unknown reasons in 2015, which exposed it to last week’s ransomeware attack.

Microsoft, however, issued a “free” patch for old software, including Windows XP, on Friday midnight when the ransomware attack began spreading.

According to the report, “the high price highlights the quandary the world’s biggest software company faces as it tries to force customers to move to newer and more secure software, while at the same time earning a profit from the army of engineers it employs on security issues.”

The vulnerability in the Microsoft Windows software — exploited by WannaCrypt — crippled computers across 150 countries, with hackers demanding hundreds of dollars from the users for them to regain control over their data.

Microsoft has now provided security updates for all customers using Windows 8 and Windows Server 2003, anticipating further attacks on these earlier platforms being used by millions.

According to the company, “Customers who are running supported versions of the operating system (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8.1, Windows Server 2012, Windows 10, Windows Server 2012 R2, Windows Server 2016) will have received the security update MS17-010 in March.”

“If customers have automatic updates enabled or have installed the update, they are protected. For other customers, we encourage them to install the update as soon as possible,” said Phillip Misner, principal security group manager, Microsoft Security Response Centre.