Hacker group Shadow Brokers had leaked out a few too many tools, which allegedly belonged to the NSA, on the dark web. These tools are said to be able to penetrate through the security of Microsoft Windows, helping hackers steal data from various computers around the world. It is said that almost all versions of Microsoft Windows out there are vulnerable to these tools.
However, though most security experts had called it as the end for the world of Windows users, Microsoft said that there’s no reason to be worried as the exploit vulnerabilities have already been patched.
In an official statement, on April 14, 2017, released by Microsoft, the company said that, ‘Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products.’ Microsoft has released a list of exploits that are confirmed by them as patched using an update. The list is as follows:
EternalBlue: Addressed by MS17-010
EmeraldThread: Addressed by MS10-061
EternalChampion: Addressed by CVE-2017-0146 & CVE-2017-0147
ErraticGopher: Addressed prior to the release of Windows Vista
EsikmoRoll: Addressed by MS14-068
EternalRomance: Addressed by MS17-010
EducatedScholar: Addressed by MS09-050
EternalSynergy: Addressed by MS17-010
EclipsedWing: Addressed by MS08-067
Microsoft also said that, ‘Of the three remaining exploits, “EnglishmanDentist”, “EsteemAudit”, and “ExplodingCan”, none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk. Customers still running prior versions of these products are encouraged to upgrade to a supported offering.’
Users are advised to immediately update their operating systems to avail of the security patches.
Do note, Microsoft Windows XP and Windows Vista will no longer receive these patches as they have crossed their end of support dates. So if you are using Windows XP or Windows Vista, you should consider upgrading your operating system at the earliest, unless you are using it offline or for basic purposes with no important data that can affect you. However, it is still not recommended to use the older operating system platforms. Those using Windows 7 and above should be safe, provided they update the operating system on a timely basis.
[source:-decanchronicle]