Saturday, April 15, 2017

Not Impressed: Microsoft Says Exploits Already Patched

Microsoft says all of the security flaws exposed in Friday's leak of National Security Agency (NSA) hacking tools were already fixed in supported versions of its software.

In a late Friday blog post, a top Microsoft security figure lists the NSA hacking tools published Friday by the leakers known as "The Shadowbrokers," and notes the specific software update that patched each flaw that every individual tool exploited.


Shadow Brokers' big Windows gotcha moment for millions of Windows users around the world looks more like a "not so fast."
"We've investigated and confirmed that the exploits disclosed by the Shadow Brokers have already been addressed by previous updates to our supported products. Customers with up-to-date software are already protected." a Microsoft spokesperson told Mashable overnight.

This news doesn't entirely sync with what NSA leaker Edward Snowden tweeted yesterday, where he claimed that the exploits affected patched Windows systems.

This is not a drill: #NSA exploits affecting many fully-patched Windows systems have been released to the wild. NSA did not warn Microsoft.

— Edward Snowden (@Snowden) April 14, 2017

Microsoft's blog post on the hack, however, lists nine of the dozen exploits and the exact patches that closed the holes: