It appears that though most of the exploits target older Windows versions, dating back as early as Windows XP and Windows Server 2003, but many supported versions are still on the list, including Windows 7 and Windows 8. Some of the records bear NSA seals, but Reuters could not confirm their authenticity.
The Shadow Brokers, a group of anonymous hackers had published hacking tools used by the NSA previous year. This could suggest that the NSA, or even individuals from another hacking group, may have given Microsoft the heads up.
"It is by far the most powerful cache of exploits ever released", cyber security expert Matthew Hickey told Ars Technica, a technology news outlet.
The document dump - which is mostly lines of computer code - amounts to an emergency for Microsoft because the hacks consist of a variety of "zero-day exploits" that can serve to infiltrate Windows machines for purposes of espionage, vandalism, or document theft. Three of the NSA exploits, which Microsoft indexes as MS17-010, CVE-2017-0146, and CVE-2017-0147, have not been patched but do not work on programs that Microsoft now supports, according to Ars Technica.
Since Microsoft fixed one of the flaws only last month, it's possible that The Shadow Brokers tools may represent NSA tools deemed useful for national security purposes. This would normally mean either that Microsoft somehow found (or purchased) all the vulnerabilities The Shadow Brokers were auctioning off, or perhaps that someone anonymously alerted Microsoft about the bugs. Desktop users who allow auto-updates or who regularly check for updates on their computers should be covered.
"EastNets continues to guarantee the complete safety and security of its customers' data with the highest levels of protection from its Swift-certified service bureau". SWIFT stated that there was no indication that their main network had been accessed by unauthorized users.
Microsoft said three exploits don't reproduce on "supported platforms", meaning people should upgrade to Windows 7 or a newer version.
Microsoft's response comes after exaggerated concerns from a number of security researchers.
Among the leaked arsenal there is ExplodingCan, which creates a remote backdoor by exploiting the Windows web server Internet Information Services on older versions of the OS.
Do note, Microsoft Windows XP and Windows Vista will no longer receive these patches as they have crossed their end of support dates.
Due to the detailed description of service bureau infrastructure in the Shadow Brokers documents, Suiche believes the leak could be harmful to the SWIFT network. "ETERNALCHAMPION", a SMBv1 exploit, was patched by Windows updates CVE-2017-0146 & CVE-2017-0147.
On Friday, Microsoft also said it was still studying the leak, and it "will take the necessary actions to protect our customers".
Recommended:
-
'Nothing romantic happening', Sienna Miller rubbishes rumours with Brad Pitt
Did Angelina Jolie put the twins in danger? The actor would accuse his ex-wife of being too careless with their six children. In January, the couple chose to resolve the remainder of their divorce proceedings and custody dispute in private.Christians celebrate Good Friday in Jerusalem
The cleric emphasised that Jesus filled the gap between God and man at the cross as He took our sins upon Himself. Christian pilgrims attend Good Friday procession in Jerusalem Friday, April 14, 2017.Umpire Dale Scott takes foul tip to facemask, leaves Jays-Orioles game
After the double, a wild pitch advanced Schoop to third but he struck out Ryan Flaherty to remove the possibility of a sac fly. Over the course of the first 10 games, the Jays had just one four-run inning and five others in which they scored a pair. -
Cristie Kerr wins LPGA Lotte in Hawaii for 19th tour title
It was Ko's fourth top ten in her seventh event of the year, but her first top five of the campaign. She had a chance at having second place all to herself but made bogey on the final hole.Pirates scratch OF Polanco vs Cubs because of groin injury
Realmuto hit a game-ending RBI double with two out in the ninth inning, and Miami snapped New York's five-game win streak. Washington's Stephen Strasburg also got a no-decision after yielding two runs and striking out eight in seven innings.Syria's Assad Says Idlib Chemical Attack 'Fabrication': AFP Interview
We may be at an all-time low in terms of relationship with Russian Federation ", said Trump. He said Assad's government was responsible. -
Crude oil prices flat to start Monday, after rough overnight patch
China's March refinery throughput also rose to 11.19 million bpd, just shy of December's record, as margins remained attractive. The price for Brent crude oil was down 0.13 percent about a half hour before the start of trading in NY to $55.82 per barrel.Little monsters go Gaga at Coachella as superstar unveils new single
Meanwhile, Radiohead walked off the stage twice during their performance at the Coachella, due to complete sound failures. As well as performing so many major hits, the singer debuted new single "The Cure" , much to the delight of the crowd.Boy, 5, Crushed to Death at Sun Dial Rotating Restaurant in Atlanta
Authorities at the time reportedly said that foul play was not suspected as the woman worked in the culinary department. As the floor moved, the child became caught "in between maybe 4 to 5 inches of space", Atlanta police Sgt. -
Sunderland stay rooted to the bottom after United defeat
Jose Mourinho's Manchester United kept their faint hopes of breaking into the top four alive on Sunday afternoon as they overcame 10-man Sunderland.Real Madrid stuns Bayern to take lead in CL tie
Real Madrid star Cristiano Ronaldo said he never expected to become the first player to score 100 goals in UEFA club competition. The second leg takes place in Madrid on Tuesday. "In the second half It was going to be ours".Trump reverses himself on NATO, China, Russia and more
If history is any guide, Trump has no consistent ideology, and his positions on any given policy are meaningless. One upside to the Trump China flip-flop: He flipped in the direction of truth.