The worm reused the meterpreter code which didn't target XP at all. For some reason some people are having are hard time dealing with this: https://news.ycombinator.com/item?id=14377799 and I am beginning to wonder why. Any insights?
>The worm reused the meterpreter code which didn't target XP at all
Small nitpick- though the worm aspect of WCry does have a lot of issues with targeting WinXP, the meterpreter part of that sentence is a widespread myth that originated from poor wording in a slide. Source, w/ a reply that has a link to correction from the original author: https://twitter.com/riskybusiness/status/864293475981729793
I think because they're aware Microsoft released a patch for Windows after XP, they're thinking as though XP can be the only one affected by the ransomware. As we've learned, that logic doesn't work since people turn off updates.
I think the reason that they were downvoted was not because people have a hard time accepting it but because they just stated that windows xp was not targeted without linking to any sources for that claim.
Well for one thing, people seem to really enjoy victim blaming. It's much easier to say, 'The people who got infected have only themselves to blame, they were using an old an unsupported OS!' rather than to accept that maybe it's not necessarily anyone's direct fault if their computer got infected.
It was patched for 7 months before WCry started to spread. So it's not "The people who got infected have only themselves to blame, they were using an old an unsupported OS!" it's "The people who got infected have only themselves to blame, they were using an old and extended support OS and turning off Windows Update!"
