Microsoft Patches NSA's Windows Exploits


The hack, if verified, could be the biggest exposed since the exposure of NSA files by Edward Snowden in 2013.

The Shadow Brokers, an unidentified group or person, has been hacking the NSA for the past eight months and has leaked a gigabyte of NSA data. Being able to exploit that type of vulnerability in software as common as Microsoft Windows is considered highly valuable for clear reasons.

Researchers are still poring over the leaked documents, but they've noticed the tools target Windows XP, Windows Server 2003, Windows 7 and 8, among other software products such as Lotus Notes, now called IBM Notes.

In a tweet, EastNets claimed there was no credibility to claims their machines were compromised.

"The EastNets Network Internal Security Unit has run a complete check of its servers and found no hacker compromise or any vulnerabilities".

The leak also included a tool that appeared to be linked to the Stuxnet computer worm that caused extensive damage to Iran's nuclear facilities in 2010.

One spreadsheet contained in the release listed a slew of banks based in the Middle East that were successfully infected by NSA spyware.

On one hand, Microsoft showed the value of its patching services and mechanisms by thwarting these exploits before they were released but on the other hand, if the company is working that closely with the NSA, this may not sit well with some individuals.

Most of the exploits are said to use zero-day vulnerabilities, previously unknown software flaws that are already being exploited by hackers before the software makers are made aware of them.

And although it looked like the end of the world for Windows users, as some experts have called it, Microsoft says there's absolutely no reason to be anxious.

Following the leak, Microsoft released a statement outlining the risks that may have been created by the disclosure.

Besides a cache of potentially damaging zero-day exploits against many versions of Windows, another element of today's Shadow Brokers release is a folder titled SWIFT.

Criminals stole millions of dollars from Bangladesh's central bank after Swift was targeted by hackers a year ago.

The concerns surrounding the transparency of the NSA and its duty to warn a company of an impending attack put the Vulnerabilities Equities Process (VEP) into question. Swift is used by about 11,000 banks to transfer money between countries. The security threat is apparently reduced in just a few hours. However, the firm did concede the possibility that the local messaging system of some of its clients could have been breached.

The Windows flaws were disclosed by the hacking gang Shadow Brokers in a large data dump earlier Friday. In the words of the Shadow Brokers' latest message, "Who knows what we having next time?"

"That's information you can only get if you compromise the system", Suiche said, Reuters reported.

This obviously reflects badly on Microsoft as its customers are open to hacking by a state agency.

FUZZBUNCH contains the Windows exploits mentioned above that were detailed in the Shadow Brokers leak.