That lends credence to reports that suggest that the vulnerability exploited by the worm responsible for the attack is the same one revealed in April by the hacker group known as the Shadow Brokers. The Shadow Brokers alleged that the National Security Agency had used weaknesses in Windows as part of its digital surveillance efforts.

Microsoft released a patch to fix those vulnerabilities on or before March 14.

AD

AD

Regular or auto updaters should have been covered by that patch. But if you haven't updated your system since then, do it now, regardless of whether you're a business or consumer.

Microsoft said in April that the problems had been fixed for anyone running Windows 7 or a newer system. According to the analytics firm NetMarketShare, about 7 percent of the world is still vulnerable to the malicious software. Those running versions of Exchange older than Exchange 2010 also are not protected.

“Customers still running prior versions of these products are encouraged to upgrade to a supported offering,” Microsoft said in April. For instructions on how to do that for your particular computer, visit Microsoft's help center.