Previously unknown hacks for Microsoft's Windows operating system have now come to light as the infamous "The Shadow Brokers" group has started to continue their activities once again. The group, who alleged stole their Hacking Tools from the NSA, has now dumped the different tools online. The tools are capable of breaching Microsoft's different Windows products.
Affected Windows versions
The allegedly working exploits are reportedly made to hack into Windows PCs running Windows XP up to Windows 8. This includes all versions in between, namely Windows Vista and Windows 7.
Since the stolen NSA tools were acquired back in 2013, Windows 10 doesn't seem to be affected as the tools predate the release of the latest operating system.
However, this doesn't necessarily mean that Windows 10 is not vulnerable. Fortunately, initial reports from those who have tried out the hacking tools have revealed that the tools currently doesn't work on the latest OS version. Some of the tools that were released, including ETERNALBLUE and FUZZBUNCH, are remote tools that exploit different vulnerabilities within the different operating system versions.
Microsoft's course of action
Over the weekend, Microsoft sent out a statement reassuring fans that all of the tools that were leaked have been patched and that users should be safe from them.
However, a further investigation from several individuals has revealed that four out of the seven tools were actually patched just last month. This indicates that the company may have been made aware of their existence right before "The Shadow Brokers" had the chance to sell them.
Should there be a cause for concern
According to a report from a Senior Security Research Engineer at Tripwire, most PCs behind a firewall or a router should be relatively safe.
The tools apparently attack computers on local network protocols directly connected to the Internet, which they use to move from one system to another within a network. PCs that are running the latest first party or third party antivirus software, such as Windows Defender or McAfee, should also be relatively safe.
However, business and companies that rely on connected services should still proceed with caution.
There is still a possibility that the codes used in the tools could be modified and that they could be used to hack into the system through various other methods. Aside from being executed via the internet, the tools could be modified to work with emails or even with a USB dongle.
