After a hacking group released a collection of exploits designed to help cyber-criminals break into Microsoft’s software, Windows users are urged to update their computers as soon as possible. The tools were released by released by a hacking group called the Shadow Brokers group, and has allegedly been stolen from the US’ National Security Agency (NSA) last summer.
It is believed that NSA spies are secretly using the exploits to break into computers running older versions of Windows, XP and Vista are not left out. According to Microsoft “most of the exploits” have already been addressed with several patches, one of the patches was issued last month and Windows users users are strongly warned to update their devices.
Microsoft wrote in a blog post “Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products. We encourage customers to ensure their computers are up-to-date.”
Users running the latest versions of the Windows operating systems still supported by Microsoft will be safe from the EternalBlue, EmeraldThread, EternalChampion, ErraticGopher, EsikmoRoll, EternalRomance, EducatedScholar, EternalSynergy and EclipsedWing exploits.
Also, the company added that “Of the three remaining exploits, ‘EnglishmanDentist’, ‘EsteemAudit’, and ‘ExplodingCan’, none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk”. Customers still running prior versions of Windows are also encouraged to upgrade.
Microsoft said that NSA didn’t warn it about the release, a spokesperson told Reuters, “Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers.”
Edward Snowden, who previously claimed that the NSA “did not warn Microsoft” about the Shadow Brokers release, suggested that they may have tipped off the tech company ahead of its March patch.
— Edward Snowden (@Snowden) April 15, 2017
As seen on the tweet, “Microsoft doesn’t credit anyone for the report behind the March patch. Was it @NSAGov? If so, it was the right call. Better late than never.”
Microsoft Corporation is an American multinational technology company headquartered in Redmond, Washington, that develops, manufactures, licenses, supports and sells computer software, consumer electronics and personal computers and services. Its best known software products are the Microsoft Windows line of operating systems, Microsoft Office office suite, and Internet Explorer and Edge web browsers. Its flagship hardware products are the Xbox game consoles and the Microsoft Surface tablet lineup. It is the world’s largest software maker by revenue, and one of the world’s most valuable companies.
The Shadow Brokers (TSB) is a hacker group originating in summer 2016. They published several leaks of some of the National Security Agency (NSA) hacking tools including zero-day exploits. Specifically, exploits and vulnerabilities targeting enterprise firewalls, anti-virus products and Microsoft products, tied to the Equation Group threat actor, NSA’s Tailored Access Operations (TAO)
The National Security Agency (NSA) is an intelligence organization of the United States federal government responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes, a discipline known as signals intelligence (SIGINT). NSA is concurrently charged with protection of U.S. government communications and information systems against penetration and network warfare.