Last month, Microsoft took what it called the "highly unusual" step of patching older Windows versions like XP against the WannaCrypt ransomware virus. It's doing the same in June to protect against attacks that are potentially even more sinister. "This month, some vulnerabilities were identified that pose elevated risk of cyber attacks by government organizations, sometimes referred to as nation-state actors or other copycat organizations," security manager Adrienne Hall wrote in a blog.
If you're using current, supported versions of Windows, including Windows 7, 8.1 and 10, or Windows Server versions between 2008 and 2016, your systems will automatically update, assuming you have that feature enabled (or you can download the patches here). If you have versions without extended support, including Windows XP, Vista, 8 or Server 2003, you'll need to download and install the patches manually.
Microsoft made the patches available to all customers "because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt," it said. It didn't mention what those were, specifically, but it's clearly concerned about them.
Last month, WannaCrypt attacked older computers systems, including those used by the UK's National Health System, causing canceled surgeries and other chaos. The highly sophisticated software, distributed by the Russian-linked Shadow Brokers team, was reportedly purloined from the US Department of Homeland Security's cache of hacking tools. Microsoft subsequently excoriated the agency, saying that letting its spy tools fall into enemy hands is like "the U.S. military having some of its Tomahawk missiles stolen."