Yes, new updates for Windows XP and Windows Server 2003: Microsoft has confirmed that the latest round of security updates fixes three remaining vulnerabilities created by the NSA (US National Security Agency), which the company has previously said it will not patch.
The company confirmed the release of patches for exploits, which affected only the older Windows XP and Windows Server 2003 operating systems.
The release comes as the company seems to have realized the "increased risk of catastrophic cyber attacks" following last month's ransomware cyberattack.
Microsoft updated all supported versions of Windows with April updates, except three that affected only older versions of Windows and users had to upgrade.
But after WannaCry's last month's expansion of thousands of computers, Microsoft has decided to fix the remaining security gaps to avoid a similar incident.
A company spokesman said the three Windows exploits - ENGLISHMANDENTIST, ESTEEMAUDIT and EXPLODINGCAN - had been fixed in the June security updates.
"These vulnerabilities are quite serious and still circulate, even if the affected systems remain down for some time," Sean Dillon, senior security analyst at RiskSense, said in an email to ZDNet.
“The biggest threat is not necessarily ransomware. The installation of hidden malware, such as some bank account theft software, spyware and key-loggers, as well as software that allows the leakage of classified information, pose a huge risk if an attacker is able to breach an internal network and install backdoors,” he added.
Microsoft, meanwhile, told ZDNet that the decision to rectify the bug was a "rare move", adding that "it should not be seen as a departure from the company's standard service policies".
