|

Η Microsoft έχει ήδη κλείσει την "πόρτα" στα hacking tools της NSA


Η Microsoft καθησύχασε τους -υπερβολικούς- φόβους που εκδηλώθηκαν μετά την νέα διαρροή των hacking tools της NSA για συστήματα με Windows και την δυνατότητα της NSA να αποκτάει εύκολη πρόσβαση σε αυτά.

Σύμφωνα με την ανακοίνωση της και μετά από έλεγχο και επιβεβαίωση των αποτελεσμάτων, αναφέρει πως όλα τα κενά ασφαλείας που έκαναν χρήση τα εργαλεία λογισμικού που διέρρευσε το Shadow Brokers group, είναι κλεισμένα σε όλες τις νεώτερες εκδόσεις των Windows.
Σε αυτές περιλαμβάνονται όλες οι εκδόσεις, από τα Windows 7 ως τα Windows 10. Αυτό αφήνει ακόμα εκτεθειμένους τους υπολογιστές με Windows XP (που εξακολουθούν να έχουν μεγάλο ποσοστό χρήσης) και Vista.
Today, Microsoft triaged a large release of exploits made publicly available by Shadow Brokers. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. Our engineers have investigated the disclosed exploits, and most of the exploits are already patched. Below is our update on the investigation.

When a potential vulnerability is reported to Microsoft, either from an internal or external source, the Microsoft Security Response Center (MSRC) kicks off an immediate and thorough investigation. We work to swiftly validate the claim and make sure legitimate, unresolved vulnerabilities that put customers at risk are fixed. Once validated, engineering teams prioritize fixing the reported issue as soon as possible, taking into consideration the time to fix it across any impacted product or service, as well as versions, the potential threat to customers, and the likelihood of exploitation.

Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products. Below is a list of exploits that are confirmed as already addressed by an update. We encourage customers to ensure their computers are up-to-date.

Code Name Solution
“EternalBlue” Addressed by MS17-010
“EmeraldThread” Addressed by MS10-061
“EternalChampion” Addressed by CVE-2017-0146 & CVE-2017-0147
“ErraticGopher” Addressed prior to the release of Windows Vista
“EsikmoRoll” Addressed by MS14-068
“EternalRomance” Addressed by MS17-010
“EducatedScholar” Addressed by MS09-050
“EternalSynergy” Addressed by MS17-010
“EclipsedWing” Addressed by MS08-067


Of the three remaining exploits, “EnglishmanDentist”, “EsteemAudit”, and “ExplodingCan”, none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk. Customers still running prior versions of these products are encouraged to upgrade to a supported offering.

We have long supported coordinated vulnerability disclosure as the most effective means to ensure customers and the computing ecosystem remains protected. This collaborative approach enables us to fully understand an issue and to deliver protection before customers are at risk due to public disclosure of attack methods. We work closely with security researchers worldwide who privately report concerns to us at secure@microsoft.com. We also offer bug bounties for many reported vulnerabilities to help encourage researchers to disclose responsibly. 
[via]