'Shadow Brokers' dump of NSA tools includes new Windows exploits

'Shadow Brokers' dump of NSA tools includes new Windows exploits

That left only older, unsupported versions of Windows operating systems and Exchange email servers at risk to three of the newly released exploits, the company said.

The "Shadow Brokers" is a group of anonymous hackers that published hacking tools used by the NSA past year. The group attempted to auction off the files but failed, and have been releasing portions of the stolen files in stages.

The documents published by the hacking group list exploits for Windows servers and Windows computers.

Some of the Windows vulnerabilities that were enabling the exploits seemed quite serious, such as remote code execution bugs.

The Shadow Brokers also released information that indicates the NSA hacked a service bureau for the SWIFT funds transfer network.

"Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products", Microsoft says in a statement.

Fairfax was not able to verify the authenticity of the files - and the NSA has not commented on the leak.

The group behind the leak, the Shadow Brokers, didn't clearly explain why they dumped the files. Microsoft itself claims that no organization or individual aside from reporters has contacted the company in regard to the Shadow Brokers' leak.

Turkey vote campaign conducted on 'unlevel playing field': monitors
Guven said the decision was made so that voters who were by mistake given unstamped ballot papers would not be "victimized". He said it was not possible for authorities to determine how many ballot papers may have been irregularly cast.

The SMB 1.0 flaw that got patched in March was actually known in January, according to Matt Suiche, a Microsoft Most Valuable Professional who wrote about The Shadow Broker tools. This got security researchers across the globe extremely anxious and some even suggested Windows users to just turn off their machines for the weekend (and maybe turn them on to fix the issues!? lol).And now, even though Redmond has confirmed that it has patched all exploits, they're looking closely at four of the exploits which were patched just last month - via monthly update patch cycle.

"There is no impact on SWIFT's infrastructure or data, however, we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorised third parties".

Microsoft said the "EnglishmanDentist", "EsteemAudit", and "ExplodingCan" exploits are not reproducible on now supported versions of Windows. However, according to security researcher Nicholas Weaver of the International Computer Science Institute, the methods in the documents show the NSA was going beyond its "official access".

Following the leak, Microsoft released a statement outlining the risks that may have been created by the disclosure.

The exploits are aimed at a number of Windows servers and Windows operating systems, including Windows 7 and Windows 8.

Although, SWIFT has downplayed the breach saying it's not very significant and it had had no evidence of the main SWIFT network being ever accessed without authorization.

A Microsoft spokesperson said: "We are reviewing the report and will take the necessary actions to protect our customers".

Related Articles

  • Richard Sherman and Russell Wilson show support for Isaiah Thomas

    Richard Sherman and Russell Wilson show support for Isaiah Thomas

    The All-Star point guard finished with 33 points, six assists and five rebounds in a 106-102 Game 1 loss. Kevin Durant scored 32 points and pulled down 10 rebounds and Stephen Curry scored 29 for the Warriors.
    Cleveland police made contact with Steve Stephens after Facebook killing

    Cleveland police made contact with Steve Stephens after Facebook killing

    Meanwhile, Stephens' mother, Maggie Green, told CNN the oldest of her three children came by her house Saturday afternoon. Kortemeyer says she hopes that Steve Stephens is "arrested as soon as possible" and that no one else is harmed.
    VP Pence says US commitment to Korea

    VP Pence says US commitment to Korea "iron-clad"

    US Vice President Mike Pence and family members look at North Korea through a telescope at Observation Point Ollet. The rocket launch is seen by South Korea and the U.S.as a disguised test of a banned ballistic missile technology.
  • North Korea attempts to launch missile but fails

    North Korea attempts to launch missile but fails

    Trump has also called for a review of all bilateral trade agreements, including the five year old US-South Korea deal - or KORUS. In 2015, both South Korea and Japan were alarmed after around 50 North Korean submarines suddenly disappeared off their radar.
    Arkansas court blocks execution of both prisoners scheduled to die tonight

    Arkansas court blocks execution of both prisoners scheduled to die tonight

    Lawyers for the state appealed Baker's ruling immediately with the hope of beginning the executions Monday. On Thursday, a pair of drug manufacturers _ Fresenius Kabi USA and West-Ward Pharmaceuticals Corp.
    France's would-be presidents rally in Paris days before vote

    France's would-be presidents rally in Paris days before vote

    She added that if she were elected president of France, she would certainly hold fast to a "France first" outlook. But it's far-right candidate Marine Le Pen Oliver is most anxious about. (In Motion!), in Paris.
  • Oil recoups losses, but U.S. oil output growth weighs

    Oil recoups losses, but U.S. oil output growth weighs

    Fighting in Libya has cut oil output, but state oil company National Oil Corporation has reopened at least one field. The latest indication is that OPEC may be willing to extend its output cut beyond the six months initially planned.
    Pakistan briefs US on 'plight' of Kashmiris, Indo-Pak ties

    Pakistan briefs US on 'plight' of Kashmiris, Indo-Pak ties

    The Pakistani official claimed all legal requirements were fulfilled in the trial of Mr Jadhav which resulted in his conviction. India, however, guarantees that Kulbhushan Jadhav was abducted by Pakistan from Iran.

    Hacker documents show NSA tools for breaching global money transfer system

    Hickey was able to replicate the exploits in his United Kingdom firm's lab and confirmed the authenticity of the leaked spy tools. Matthew Hickey, director of security firm Hacker House, has looked over the leaks and agrees with Microsoft's assessment.
  • N.Korea shows off 'ICBM' during massive parade

    N.Korea shows off 'ICBM' during massive parade

    The timing of the test, coinciding with Pence's trip and a day after the military parade, would suggest deliberate defiance. Kim has warned the USA of launching a pre-emptive nuclear strike, if the United States nuclear forces mobilise against it.
    BIR to review Tan's tax payments

    BIR to review Tan's tax payments

    Under the system, individual tax payers can opt to remit their payments using their bank accounts through on-line fund transfer. Gifford says many who wait until tax day want proof that they sent their returns on time and proof that it has been delivered.
    Both Showtime and HBO to show Anthony Joshua-Wladimir Klitschko fight

    Both Showtime and HBO to show Anthony Joshua-Wladimir Klitschko fight

    The Fury camp have, therefore, been able to make the process of pulling together the fight in New Zealand as hard as possible. By not throwing punches, Wladimir will be a sitting duck for Joshua to cream in front of 90,000 fans. "That was it.