Vulnerabilities leaked by Shadow Brokers already fixed, claims Microsoft
Microsoft has said that the vulnerabilities exposed by anonymous hacking group Shadow Brokers were addressed by prior patches, a media report said. Microsoft researchers were working till late on Friday and addressed the issue for systems running Windows 7 and later, Tech Crunch reported on Sunday. “We have investigated and confirmed that the exploits disclosed by the Shadow Brokers have already been addressed by previous updates to our supported products. Customers with up-to-date software are already protected,” the company was quoted as saying. The company also said it verified the exploits and discovered that nine were already been addressed by previously issued patches. Microsoft Security Response Center recommends that users keep their machines up to date to ensure that they’re protected. The “Shadow Brokers” is a group — believed to be tied to the Russian government — of anonymous hackers that published hacking tools used by the NSA last year. According to experts, the leaks, published by the Shadow Brokers on Friday, targeted a variety of Windows servers and Windows operating systems, including Windows 7 and Windows 8, CNN reported. The document dump — which is mostly lines of computer code — amounts to an emergency for Microsoft because the hacks consist of a variety of “zero-day exploits” that can serve to infiltrate Windows machines for purposes of espionage, vandalism, or document theft. The group also published another set of documents that indicate that NSA penetrated the SWIFT banking network in the Middle East. The Society for Worldwide Interbank Financial Telecommunication (SWIFT) provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardised and reliable environment. “This reportedly gave the US spy service a window into the financial activities of a range of organisations, including those belonging to firms in Qatar, Dubai, Abu Dhabi, Syria, Yemen and the Palestinian territories,” said a report in The Wired on Saturday. Meanwhile, EastNets Service Bureau, that provides outsourced SWIFT connectivity, on Saturday denied that its bureau was compromised and said that the reports of hack are “totally false and unfounded”. Shadow Brokers did not provide a coherent explanation of why they chose to publish the Microsoft and SWIFT vulnerabilities.