Microsoft already fixed the 'Shadow Brokers' exploits on supported versions of Windows

Share

Following the leak, Microsoft released a statement outlining the risks that may have been created by the disclosure. It boasts 11,000 banking and securities organizations in 200 countries across the world as members of its community. However, according to security researcher Nicholas Weaver of the International Computer Science Institute, the methods in the documents show the NSA was going beyond its "official access".

"This may well be the most damaging dump against the NSA to date, and it is without question the most damaging post-Snowden release", Weaver wrote.

Analysts generally accepted the leaked files came from the NSA. Microsoft isn't saying, which is unprecedented, and many believe that it must have been the NSA as they knew the exact issues that these tools exploited and were able to give Microsoft the heads up once Shadow Broker was able to get their hands on the assets.

The documents released by the hackers did not clearly indicate whether the NSA had actually used all the techniques cited for monitoring SWIFT messages.

All the affected Microsoft Windows versions such as Windows XP and Windows Server 2008 just needs to be updated in order to fix the new exploits.

The hacking group Shadow Brokers last week revealed a large number of Windows vulnerabilities it claims to have stolen from the National Security Agency (NSA), but Microsoft said Friday that it has already patched majority.

The hacking tools are allegedly part of the arsenal that was said to be stolen from the NSA last summer.

Upon reviewing the data released by the group it has been seen that NSA had accessed the SWIFT money transfer system through service providers in the Middle East and Latin America.

If genuine, such a hack could have enabled the U.S. to covertly monitor financial transactions, researchers said.

Microsoft also issued a blog post on the subject, noting that, as the company worked to verify the exploits, it discovered that nine were already been addressed by previously issued patches.

While home and small business users, who generally patch as soon as possible, may be protected against these exploits, bigger businesses generally take a while to patch because they have extensive testing to be done, and may still be vulnerable.

On Friday, Microsoft also said it was still studying the leak, and it "will take the necessary actions to protect our customers". One hacking tool, called "FuzzBunch", appears to affect Windows 8, Windows 7 and Windows Vista, as well as Windows Server 2000 though Windows Server 2012, according to the story. The exploits, which focus on multiple versions of Microsoft's Windows operating system, are extremely effective - and, worryingly, don't require extensive technical knowledge to use.

Share