Microsoft releases additional updates for older platforms to protect against potential nation-state activity
Today, as part of our regular Update Tuesday schedule, we have taken action to provide additional critical security updates to address vulnerabilities that are at heightened risk of exploitation due to past nation-state activity and disclosures. Some of the releases today are new, and some are for older platforms under custom support agreements, that we are making publicly available today. Customers with automatic updates enabled are protected and there is no additional action required. For customers managing updates, or those on older platforms, we encourage them to apply these updates as soon as possible.
Our security teams actively monitor for emerging threats to help us prioritize and take appropriate action. We are committed to ensuring our customers are protected against these potential attacks and we recommend those on older platforms, such as Windows XP, prioritize downloading and applying these critical updates, which can be found in the Download Center (or alternatively in the Update Catalog).
Our decision today to release these security updates for platforms not in extended support should not be viewed as a departure from our standard servicing policies. Based on an assessment of the current threat landscape by our security engineers, we made the decision to make updates available more broadly. As always, we recommend customers upgrade to the latest platforms. The best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations. Older systems, even if fully up-to-date, lack the latest security features and advancements.
As usual, customers on supported platforms with automatic updates enabled, like Windows 10 or Windows 8.1, are protected and do not need to take additional action.
Eric Doerr
General Manager, Microsoft Security Response Center
Further Resources:
- A detailed list of the updates released due to heightened risk can be found on Microsoft Security Advisory 4025685.
- For customers using Windows Server 2008, Windows 7 , Windows Server 2008 R2, Windows Server 2012, Windows 8.1, Windows 8.1 RT , Windows Server 2012 R2, Windows 10 , or Windows Server 2016 see Microsoft Knowledge Base Article 4025686 for guidance.
- For customers using Windows XP , Windows Vista , Windows 8 , Windows Server 2003 , or Windows Server 2003 R2 see Microsoft Knowledge Base article 4025687 for guidance.
- For customers using Windows Embedded versions see Microsoft Knowledge Base article 4025688 for guidance.
- For help determining which version of Windows you are running check here.
- Additional questions? See our Frequently Asked Questions here.