Windows users urged to update computers after major NSA hacking tool release

The company says it has already addressed 'most of the exploits' 

Aatif Sulleyman
Monday 17 April 2017 06:02 EDT
Comments
One of Microsoft's patches was issued as recently as last month
One of Microsoft's patches was issued as recently as last month (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Windows users are being told to update their computers after a hacking group released a collection of exploits designed to help cybercriminals break into Microsoft’s software.

The tools, which were released by the Shadow Brokers group, had allegedly been stolen from the US’ National Security Agency (NSA) last summer.

It is believed that NSA spies had been using the exploits to secretly break into computers running older versions of Windows, including XP and Vista.

Microsoft says “most of the exploits” have already been addressed with a series of patches – one of which was issued as recently as last month – but warned Windows users to make sure their devices are up to date.

“Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products,” the company wrote in a blog post. “We encourage customers to ensure their computers are up-to-date.”

Users running the latest versions of the Windows operating systems still supported by Microsoft will be safe from the EternalBlue, EmeraldThread, EternalChampion, ErraticGopher, EsikmoRoll, EternalRomance, EducatedScholar, EternalSynergy and EclipsedWing exploits.

“Of the three remaining exploits, ‘EnglishmanDentist’, ‘EsteemAudit’, and ‘ExplodingCan’, none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk,” added Microsoft.

“Customers still running prior versions of these products are encouraged to upgrade to a supported offering.”

Microsoft has hinted that the NSA didn’t warn it about the release, with a spokesperson telling Reuters, “Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers.”

However, Edward Snowden, who previously claimed that the NSA “did not warn Microsoft” about the Shadow Brokers release, has suggested that the organisation may have tipped off the tech firm ahead of its March patch, tweeting, “Microsoft doesn't credit anyone for the report behind the March patch. Was it @NSAGov? If so, it was the right call. Better late than never.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in