Microsoft says NSA's leaked Windows hacks blocked, users secure
The leaked tools attempt to exploit vulnerabilities that have already been patched, Microsoft says in a statement
Hacker group Shadow Brokers let loose a pack of tools which allegedly belonged to the NSA and were used for breaking into Windows systems across the world. It stated that almost every single Windows version out there was susceptible to attacks.
The news timing of the leak was terrible for the security of Windows users, the reason being that this happened before the weekend and during the Easter holiday for many, thus making mitigation deployment rather slow.
And although it looked like the end of the world for Windows users, as some experts have called it, Microsoft says there’s absolutely no reason to be worried.
The leaked tools attempt to exploit vulnerabilities that have already been patched, Microsoft says in a statement, so if you bring your system fully up to date, there’s no chance hackers can hijack your system.
“Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products,” Microsoft says in a statement.
One of the vulnerabilities as the company indicates is quite old and has been fixed before the release of Windows Vista, while others were addressed with more recent bulletins.
The key word in Microsoft’s statement, however, is the “supported” term, and this means that only Windows versions still receiving updates are secure. Windows XP, for example, could be vulnerable to attacks, as it no longer gets updates since April 2014.
“Of the three remaining exploits, ‘EnglishmanDentist’, ‘EsteemAudit’, and ‘ExplodingCan’, none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk. Customers still running prior versions of these products are encouraged to upgrade to a supported offering,” Microsoft says.
Some security experts have recommended users to go offline during the weekend or until a patch is released, but Microsoft has stated that all you have to do is make sure that your computer is fully updated, no matter the Windows version. So if you are running Windows 7 or newer and all updates are installed, the NSA Windows hacks leak shouldn’t affect you.