Nearly all WannaCry victims were running Windows 7 - CNET
Why the WannaCry cyberattack is so bad, and so avoidable
A new wave of the ransomware spreads chaos around the world. Paying the ransom may not cure computers, which could have avoided infection by simply keeping Windows updated.
The WannaCry ransomware attack takes advantage of a vulnerability in out-of-date versions of Microsoft Windows. The worst hit so far: people using Windows 7.
Over the past week, the world faced one of the worst cyberattacks ever, which struck hospitals, schools and businesses around the globe. The attack encrypted, or scrambled, the files on more than 300,000 computers in 150 countries and demanded victims pay ransom of at least $300.
Roughly 98 percent of infected PCs were running a version of Windows 7, according to data released Friday by security firm Kaspersky Lab. About 1.5 percent of infections hit 2008 R2 Server clients, while Windows XP infections were "insignificant," Costin Raiu, director of research for Kaspersky Lab, said in a tweet.
Windows 7 is still the most common version of Microsoft's software, even though it was originally released in 2009. Microsoft first released a patch for the vulnerability back in March, but many people clearly didn't update. Last week, the company issued rare patches for older versions of Windows it no longer formally supports to protect against the ransomware.
"Those who are running our free antivirus software or have Windows Update enabled are protected," said a Microsoft spokesperson in an emailed statement. Microsoft is directing customers to its security blog for more information.
Update, 4:07 p.m. PT: Adds comment from Microsoft.