"...the patches include updates to Windows XP, the operating system that was targeted by the WannaCry ransomware attack in May..."
That's simply not true. The known/unknown Exploit targeted Windows 7 and Server 200x vulnerability
The American intelligence services had built an application around a vulnerability they had discovered in older Microsoft OS
They had successfully used this exploit to target PCs and Sytems they had an interest in (Foreign and Home)
This application was stolen or leaked and made it's way onto the dark web where hacker groups modified it, adding the Ransomware element
It's simply untrue that it targeted XP systems