20160224stockmwcmicrosoftwindows10signs100647702orig100696872orig
Security

Microsoft: Past patches address leaked NSA exploits

Microsoft said it has already patched vulnerabilities revealed in Friday’s high-profile leak of suspected U.S. National Security Agency spying tools, meaning customers should be protected if they’ve kept their software up-to-date.

Friday’s leak caused concern in the security community. The spying tools include about 20 exploits designed to hack into old versions of Windows, such as Windows XP and Windows Server 2008.

However, Microsoft said several patches -- one of which was made only last month -- address the vulnerabilities.

“Our engineers have investigated the disclosed exploits, and most of the exploits are already patched,” the company said in a blog post late on Friday.

Three of the exploits found in the leak have not been patched but do not work on  platforms that Microsoft currently supports, such as Window 7 or later and Exchange 2010 or later. 

“Customers still running prior versions of these products are encouraged to upgrade to a supported offering,” the company said.

Matthew Hickey, director of security firm Hacker House, has looked over the leaks and agrees with Microsoft’s assessment.

He advises that businesses, which often delay patches for operational purposes, move quickly to install the Microsoft fixes to mission critical servers.  Hickey demonstrated in a video that one of the exploits in the leak can easily trigger remote code execution in a machine running Windows Server 2008 R2 SP1.

The patch, MS17-010, addresses the exploit. Microsoft issued the fix last month, but it’s unclear how the company learned of the security issue.

“Microsoft doesn't credit anyone for the report behind the March patch,” tweeted former NSA contractor Edward Snowden. He wonders whether the NSA tipped off Microsoft.

Friday’s high-profile leak was the latest disclosure from a mysterious group known as the Shadow Brokers. The group has been posting files suspected to originate from the NSA since last August.

Security experts say Friday's disclosure is probably another blow to the U.S. spy agency. The Shadow Brokers have also warned they have more files to release.

IDG Insider

PREVIOUS ARTICLE

« Microgrids: Energy independence (and money saved) for companies

NEXT ARTICLE

Leaked NSA exploits plant a bull's-eye on Windows Server »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Amazon Cloud looms over China: Bezos enters Alibaba home ground

Lewis Page gets down to business across global tech

Poll

Do you think your smartphone is making you a workaholic?