Researchers Suggest Windows XP Was Immune To WannaCry Virus

It turns out that devices running Windows XP operating systems weren’t actually as vulnerable to the WannaCry ransomware virus as was first thought, according to research carried out by Kryptos Logic.

Kryptos suggests that, although Windows XP is vulnerable when the WannaCry binary is executed locally on the host, the OS didn’t actually contribute much to the early wave of infections.

This is because the virus was predominantly spread over the network via the MS17-010 SMB vulnerability used by Windows machines.

Windows XP

WannaCry used two types of exploit codes: ETERNALBLUE and DOUBLEPULSAR. Kryptos decided to test the code in four different scenarios: Windows XP with Service Pack 2, Windows XP with Service Pack 3, Windows 7 64 bit with Service Pack 1 and Windows Server 2008 with Service Pack 1.

The researchers found that infection was unsuccessful in both Windows XP scenarios, with the worst outcome being the blue-screen of death (BSOD).

Windows 7 64 bit with Service Pack 1 became infected after multiple attempts and Windows Server 2008 with Service Pack 1 was reported as exploited.

“Since the main infection vector here was the SMB exploit, it seems like XP did not contribute much to the total infection counts,” write the researchers. “To be clear, the Windows XP systems are vulnerable to ETERNALBLUE, but the exploit as implemented in WannaCry does not seem to reliably deploy DOUBLEPULSAR and achieve proper RCE, instead simply hard crashing our test machines.

“The worst case scenario, and likely scenario, is that WannaCry caused many unexplained blue-screen-of-death crashes.”

WannaCry, also known as WannaCrypt, caused havoc earlier this month when it spread like wildfire across the globe, attacking the NHS and hundreds of other organisations before being stopped by a ‘kill switch’ developed by a security researcher.

It has since gone on to hit the Russian postal service and has been linked to a North Korean hacking group by the likes of Symantec and Kaspersky Lab.

Do you know all about security in 2017? Try our quiz!

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

Amazon To Shutter Sites In Unionised Province In Canada

1,700 jobs to be lost in Quebec, as Amazon says it will close seven sites…

14 hours ago

Google Wins UK Injunction To Halt Russian Enforcement Of Judgements

Google wins permanent injunction from London's High Court to prevent enforcement of Russian YouTube judgements

16 hours ago

Tech Giants Announce $500 Billion AI Plan In US

OpenAI, SoftBank, Oracle and others form joint venture called 'The Stargate Project' – to build…

18 hours ago

CMA Chair Replaced By Government Amid Growth Drive

Government replaces chairman of the competition watchdog with former Amazon boss, amid Labour's “growth” drive…

19 hours ago

Google Invests $1 Billion in AI Startup Anthropic

More investment into OpenAI rival Anthropic, after Google reportedly makes fresh investment of more than…

22 hours ago

The State of Additive Manufacturing: Head-to-Head

Explore insights from Mathieu Pérennou, Additive Manufacturing Solutions Director at Hexagon, on how 3D printing…

22 hours ago