From Wikipedia, the free encyclopedia
DetailsEternalBlue exploits a vulnerability in Microsoft's implementation of the Server Message Block (SMB) protocol. Despite the fact that the vulnerability was resolved by security update (MS17-010) provided by Microsoft on 14 March 2017, many Windows users had still not installed this security patch when, on 12 May 2017, the WannaCry attack used the vulnerability to spread itself.
Due to the seriousness of the WannaCry attack, on May 13, 2017 Microsoft took the highly unusual step of also providing a security update for Windows XP, Windows 8, and Windows Server 2003, despite these versions being past their support cycles. The extended support for Windows XP ended three years previously on April 8, 2014, whilst Windows Server 2003 support had ended on July 14, 2015. Windows XP, Windows 8, and Windows Server 2003 users can download the patch from the Microsoft Update Catalog. Windows Vista, Windows 7, Windows 8.1, Windows 10, Windows Server 2008, Windows Server 2012, and Windows Server 2016 were included in the normal security update in March, though extended support for Windows Vista ended on 11 April 2017.