Despite Microsoft rolling out a patch for a vulnerability almost two months prior, some companies hadn’t implemented the patch because they still needed to test it in their environment. But that lag is what left the UK’s National Health Service open to attack. Stuart Okin, vice president at security software vendor 1E, explained NHS’s use of outdated software, which is said to have enabled the attackers to carry off their mission – specifically machines still running Windows XP. “When you have a huge variety of old machines and equipment, you’re vulnerable to these kinds of attacks,” says Okin.
Read more here.