Ask HN: Anyone noticed the odd timestamps on latest Windows XP patch?

2 points by Artlav ↗ HN
Had to patch a few WinXP machines against WannCry recently, and noticed something odd.

Take a look at the XP SP3 update file - as necessary, it is digitally signed by Microsoft. Take a look at the timestamp in the signature - it's February 11th, 2017. The embedded one is 17th, the 2003 server one is 12th, Win 8th one is 13th.

That's a full month before the official update was released, on March 17th. For comparison, Win 10 one is dated March 6th. This is suspicious, even though it doesn't really prove anything - they might have known the severity of the vulnerability and prepared for it in advance or something.

But it's still suspicious - why prepare such updates beforehand, but not release them?

Am i overthinking it, or does anyone else find this odd?

4 comments

[ 3.2 ms ] story [ 17.3 ms ] thread
possible explanation: Because if you release an update for a vulnerability, you often more or less tell the world how the vulnerability works. If the Win10 patch wasn't finished yet, they couldn't release the XP one.
Hm? Win 10 one was released in March, but XP's one wasn't released until WannaCry was rampaging in May.

The fishy part is that they prepared an XP update well in advance, but didn't release it until after the rampage.

They released it to customers with WinXP support contracts in March, parallel to the patches for other versions.
The SMB exploit was released by the Shadow Brokers on April 14, 2017. How come Microsoft patched it in February? How did they know about it?