Microsoft quietly patched Shadow Brokers’ hacking tools – ZDNet
Microsoft has confirmed that many of the NSA’s hacking tools made to target Windows published earlier recently have been patched.
The spokesperson said in an email in the center of the night that the company has “investigated and confirmed that the exploits revealed by the Shadow Brokers have already been resolved by previous updates to our backed products. ”
The company followed within the late-night blog post observing that nine of the disclosed intrusions were patched as recently as Mar , while three other intrusions weren’t able to be reproduced on backed platforms and didn’t require sections.
Those exploits might have allowed an attacker to bargain affected computers on a range of Home windows versions.
Microsoft isn’t anticipated to fix some of the insects as they affect versions of Home windows that are no longer supported. (In some other words, if you’re still running a good aged version of Windows, at this point might be a good time to upgrade. )
This entire fable most started Friday following a hacker group known as the Shadow Agents released tools designed to target Home windows PCs and servers, along with delivering presentations and files purporting to details the agency’s methods of carrying out clandestine surveillance.
Some of the equipment appeared to target the SWIFT financial system, according to classified documents found in the particular cache .
Protection researchers spent most of the day trying to puzzle out how the various exploits worked simply by testing the exploits in various digital machines in their respective labs. One particular researcher, Matthew Hickey (known because “Hacker Fantastic”) later noted that his tests were operate on a fresh install of Windows — in other words, it was missing March’s sections — which as a result he later on discounted.
Even though patches have been rolled out, queries remain about the disclosure process.
Microsoft, and other companies, frequently receive disclosure reports from protection researchers, and almost always acknowledge their particular work in the separate note .
But even though Microsoft had patched the flaws, the company didn’t state what the source of the vulnerability record was, as something noted simply by security researcher The Grugq in a tweet . He suggested that the NSA have been in contact directly about the vulnerabilities, which usually it lost control of when the Darkness Brokers obtained a copy from the agency’s hacking toolkit, and understood which exploits were at risk as early as The month of january . The government and its agencies are usually known to disclose flaws, and often get public acknowledgement for their disclosures.
Microsoft said on Fri that, “other than reporters, simply no individual or organization has approached us in relation to the materials launched by Shadow Brokers. ”
A spokesperson did not instantly return our questions, specifically in case Microsoft was asked to hold back the name of the person or individual who documented the vulnerabilities.
We will update once we get it.