Latest Shadow Brokers Windows Exploits Already Patched by Microsoft
- Author: Latoya Cobb Apr 18, 2017,
Apr 18, 2017, 0:39
Since Microsoft no longer issues patches for operating systems prior to Windows 7, some of the hacking tools will forever work on out-of-date computers, including those that run Windows Vista, Windows XP and other versions.
Yesterday, an elusive group of hackers, who go back by the name Shadow Brokers, released a massive dump of Windows exploits that were allegedly stolen from the NSA.
The documents released by the hackers did not clearly indicate whether the NSA had actually used all the techniques cited for monitoring SWIFT messages.
This Friday's release contains more serious exploits.
Described as the "Lost in Translation" leak, the Shadow Brokers' latest release has been called the group's most damaging dump to date by some news sources. They also stated the hacking tools from "Shadow Brokers" is several years old. This would normally mean either that Microsoft somehow found (or purchased) all the vulnerabilities The Shadow Brokers were auctioning off, or perhaps that someone anonymously alerted Microsoft about the bugs. SWIFT is a global financial messaging system that thousands of banks and organizations use to transfer billions of dollars daily.
"This is a remote code execution vulnerability", Microsoft warned in its advisory at the time.
"Devices not on this list will not officially receive the Windows 10 Creators Update nor will they receive any future builds from our development branch that we release as part of the Windows Insider Program", Sarkar said.
Such a hack could have enabled the USA to covertly monitor financial transactions, researchers said.
With the new April 14 Shadow Broker's exploit data dump, Microsoft's response was swift, noting in an advisory that nine of the 13 exploits, had already been patched. Researchers were able to replicate some of the hacks.
It should be noted that after the leaks of the exploits carried out by Shadow Brokers, some security experts advised many users of Microsoft software to shut down their machines over this weekend to avoid risks until it was solved.
Programmes for attacking various versions of the Windows operating system were also published. Since the Windows 10 launch, some users and privacy advocates have shared concerns about the company sending telemetry data to the U.S. intelligence agencies.
"There is no impact on SWIFT's infrastructure or data, however we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorized third parties".
Microsoft said in a statement that it is reviewing the leak and "will take the necessary actions to protect our customers".