Microsoft has already patched the NSA's leaked Windows hacks
Microsoft says it has already patched the Windows
exploits released by the Shadow Brokers group. The hacking tools, likely
originating from the NSA, were released online yesterday, and Microsoft was able to test and confirm
patches are already available for all currently supported versions of
Windows. That does mean that older Windows XP or Windows Vista systems
could still be vulnerable to three of the exploits released, but it’s
unlikely that Microsoft will supply patches for these older versions of
Windows as they’re already unsupported.
Microsoft’s response comes hours after unnecessary fear from several security researchers, including one who advised
Windows users to turn off their machines for the weekend. Even NSA
whistleblower Edward Snowden weighed in on the exploits, claiming that
the “NSA did not warn Microsoft”
about the leaked exploits. Microsoft itself seems to imply that the NSA
didn't warn the company. "Other than reporters, no individual or
organization has contacted us in relation to the materials released by
Shadow Brokers," says a Microsoft spokesperson in a statement to Reuters.
However, one security researcher, the grugq, claims that
the NSA may have actually reported some of the bugs themselves. While
Microsoft always acknowledges the source of security flaw reports, the grugq noticed there are no acknowledgements
for patches (MS17-010) issued last month that fix some of the leaked
NSA exploits. It's possible that The Shadow Brokers or another group /
individual tipped Microsoft to them in advance. Microsoft mysteriously delayed its Patch Tuesday release in February
by a month in an unprecedented move, blaming a "last minute issue".
March's Patch Tuesday included fixes for these leaked NSA exploits.
Either way, if you’re running Windows 7 or above then
you’re safe from this round of exploits as long as you’ve applied all
updates from Windows Update. If you’re still running Windows XP or
Windows Vista then it’s time to look at something more modern as you’re
open to these security flaws and many more that will remain unpatched
and exploited.
The article was published on : theverge
Post a Comment