Plenty of Microsoft Windows users would have been concerned over the weekend. It emerged that a hacker group called “Shadow Brokers” published numerous exploits that affect the Windows OS. The group also released information that the exploits had been created by the NSA. More worrying, the tools had then been stolen for the government agency.
Naturally, organizations and individuals running Windows were left concerned that they had been breached. Microsoft has eased some of that concern today with confirmation that it has already patched Windows to stop these exploits.
The Shadow Brokers released tools that are years old. Microsoft says that the exploits do not affect Windows 10, which has been patched. The company adds that all versions of the OS that it currently supports are also patched.
This means Windows 7 (currently in extended 5-year support) and Windows 8.1 are definitely secured. Windows XP has left support, so it is not patched, while Windows Vista left support last week, so perhaps it was fixed in time.
If anything, situations like this show that Microsoft's instance that customers upgrade to newer builds is important. XP is still widely used by millions of enterprise users, but it is wide open to exploits such as this.
Of course, the most worrying aspect of this whole episode is that the US government has the ability to create and then lose such exploits. The good news is, Microsoft somehow found out about the exploits before they were made public.
Making a Fix
“When a potential vulnerability is reported to Microsoft, either from an internal or external source, the Microsoft Security Response Center (MSRC) kicks off an immediate and thorough investigation,” the company says.
“We work to swiftly validate the claim and make sure legitimate, unresolved vulnerabilities that put customers at risk are fixed. Once validated, engineering teams prioritize fixing the reported issue as soon as possible, taking into consideration the time to fix it across any impacted product or service, as well as versions, the potential threat to customers, and the likelihood of exploitation.”
Some researchers point out that Microsoft has patched using a different naming method for reports. This could mean that the company was tipped off by either the NSA or indeed the hacking group.