Shadow Brokers Leaks NSA Tools To Hack Windows, But Microsoft Already Patched Most Exploits
Hot on the heels of the whole WikiLeaks CIA hacking reveal, a new leak has now detailed hacking tools the National Security Agency allegedly use to hack Microsoft's Windows.
A mysterious group called "Shadow Brokers" disclosed some Windows hacking tools, purportedly stolen from the NSA, on Friday, April 14. All tools date back at least a few years, but exploit vulnerabilities in several Windows versions to shift across networks and compromise Windows systems.
— theshadowbrokers (@shadowbrokerss) April 14, 2017
The hacking tools Shadow Brokers dumped online revealed techniques to breach both Windows systems and certain financial networks. Some of those NSA hacking tools were already flagged by antivirus services years ago, but experts think that Shadow Brokers' leak still includes at least some unknown exploits for older Windows versions.
Microsoft Responds To NSA Windows Hack Leak
Microsoft was quick to respond to Shadow Brokers' reveal, noting that it already went through all of the listed exploits and evaluated them. As expected, the company says that most of those exploits have already been patched. Considering that those hacking tools were a few years old, it's barely surprising to learn they don't really work anymore on newer OS versions.
"Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers," the company explains. "Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already patched."
Coincidence - Or Not?
The leak even drew the attention of famous NSA whistleblower Edward Snowden, who said that the NSA didn't warn Microsoft about the exploits. Microsoft itself claims that no organization or individual aside from reporters has contacted the company in regard to the Shadow Brokers' leak.
However, as The Verge points out, at least one security researcher believes that the NSA might have told Microsoft about at least some of the bugs. Microsoft typically reveals who reported various security flaws, but one researcher noticed that the company issued patches with the MS17-010 update last month, fixing some of the newly revealed NSA exploits, without noting any source for flaw reports.
At the same time, that update marked the first time that Microsoft significantly delayed its Patch Tuesday update because of a "last-minute issue." That update was supposed to roll out in February but didn't hit the scene until March, when it patched some of the NSA exploits disclosed by Shadow Brokers. Coincidence? Maybe, maybe not.
Be that as it may, Microsoft has patched most of the flaws detailed in Shadow Hunters' NSA hack leak, so users running Windows 7 or later should have no reason to worry if they've installed all patches from Windows Update. Those still holding a torch for the old Windows XP or Vista, however, might want to consider upgrading at last, as they're still vulnerable to these exploits and many more that remain unpatched since the OS versions are no longer supported.