Windows 10: Hacking tools were stolen from NSA - Almost all Windows affected

Page 4 of 15 FirstFirst ... 2345614 ... LastLast
  1.    16 Apr 2017 #31

    Update: April 15, 2017
    Late Friday night, Microsoft published a blog post stating that after an analysis of the ShadowBrokers leak, it had determined that most of the vulnerabilities were patched in a series of Windows updates released in March — updates that security researchers who analyzed the NSA tools apparently neglected to install. This means the exploits in question were not in fact “zero days” and that anyone running the most recent updates on software still supported by Microsoft is safe from the ShadowBrokers arsenal. But the timing of the patch in question is interesting: If Microsoft truly did not receive any help from the NSA, as it claims, the fact that it fixed a litany of holes vulnerable to secret NSA tools exactly a month before those tools were made public is an amazingly fortunate coincidence (curiously, Microsoft skipped the usual acknowledgements section with the patch, which typically nods to how they were informed of the threats fixed in a given update). At any rate, this is certainly good news for Windows users who keep their computers up to date, good news for Microsoft, and still very bad news for the NSA.
    Leaked NSA Malware Threatens Windows Users Around the World
    .
      My ComputerSystem Spec


  2. Posts : 37,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       16 Apr 2017 #32

    Thanks for that good news, @simrick.
      My ComputersSystem Spec

  3.    22 Apr 2017 #33

    New Information


    10,000 Windows computers may be infected by advanced NSA backdoor | Ars Technica

    Security experts believe that tens of thousands of Windows computers may have been infected by a highly advanced National Security Agency backdoor. The NSA backdoor was included in last week's leak by the mysterious group known as Shadow Brokers.

    DoublePulsar, as the NSA implant is code-named, was detected on more than 107,000 computers in one Internet scan. That scan was performed over the past few days by researchers from Binary Edge, a security firm headquartered in Switzerland. Binary Edge has more here. Separate mass scans, one done by Errata Security CEO Rob Graham and another by researchers from Below0day, detected roughly 41,000 and 30,000 infected machines, respectively. To remain stealthy, DoublePulsar doesn't write any files to the computers it infects. This design prevents it from persisting after an infected machine is rebooted. The lack of persistence may be one explanation for the widely differing results.

    Not everyone is convinced the results are accurate. Even 30,000 infections sounds extremely high for an implant belonging to the NSA, a highly secretive agency that almost always prefers to abort a mission over risking it being detected. Critics speculate that a bug in a widely used detection script is generating false positives. Over the past 24 hours—as additional scans have continued to detect between 30,000 and 60,000 infections—a new theory has emerged: copycat hackers downloaded the DoublePulsar binary released by Shadow Brokers. The copycats then used it to infect unpatched Windows computers.
    In a statement issued several hours after this post went live, Microsoft officials wrote: "We doubt the accuracy of the reports and are investigating." For the moment, readers should consider the results of these scans tentative and allow for the possibility that false positives are exaggerating the number of real-world infections. At the same time, people should know that there's growing consensus that from 30,000 to 107,000 Windows machines may be infected by DoublePulsar. Once hijacked, those computers may be open to other attacks.
      My ComputerSystem Spec

  4. AndreTen's Avatar
    Posts : 14,219
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       22 Apr 2017 #34

    Thanks for the update simrick.

    have read about it on Softpedia today. ARS is missing this statement, which is important from my point of view...

    Vulnerability patched in March
    The worst thing is that the vulnerability that hackers are trying to exploit was already patched by Microsoft in March this year with MS17-010, so this means that systems that got compromised weren’t actually running this update.
    The patch is aimed at systems running Windows Vista SP2 and newer, so users on Windows XP can be easily infected, with no way to deploy the patch because support is no longer provided. Everyone else needs to deploy the patch as soon as possible.
      My ComputersSystem Spec

  5.    22 Apr 2017 #35

    AndreTen said: View Post
    Thanks for the update simrick.

    have read about it on Softpedia today. ARS is missing this statement, which is important from my point of view..

    Vulnerability patched in March
    The worst thing is that the vulnerability that hackers are trying to exploit was already patched by Microsoft in March this year with MS17-010, so this means that systems that got compromised weren’t actually running this update.
    The patch is aimed at systems running Windows Vista SP2 and newer, so users on Windows XP can be easily infected, with no way to deploy the patch because support is no longer provided. Everyone else needs to deploy the patch as soon as possible.
    Yes - very important!
      My ComputerSystem Spec

  6.    22 Apr 2017 #36

    its a dastardly plot by MS to make you all buy new pc's
      My ComputerSystem Spec

  7.    22 Apr 2017 #37

    elbmek said: View Post
    its a dastardly plot by MS to make you all buy new pc's
      My ComputerSystem Spec

  8. Wiley Coyote's Avatar
    Posts : 853
    Windows 10 Home x64 Version 1803 (OS Build 17134.319)
       22 Apr 2017 #38

    simrick, you think his paranoia's showing?
      My ComputersSystem Spec

  9.    22 Apr 2017 #39

    CWGilley said: View Post
    simrick, you think his paranoia's showing?
      My ComputerSystem Spec

  10.    22 Apr 2017 #40

    My paranoia is on the first Black Sabbath album.
    Attached Thumbnails Attached Thumbnails DSC00161.jpg  
      My ComputerSystem Spec


 
Page 4 of 15 FirstFirst ... 2345614 ... LastLast

Related Threads
Remote hacking in AntiVirus, Firewalls and System Security
I believe I am being remotely monitored. My task manager spikes whenever this person uses their computer and I have very odd programs running. I have a dell windows 10 upgraded from 7. Can someone lead me thru steps on how to find it and eliminate...
Will dual boot windows 10 1511 and ubuntu 16.04 be affected by anniversary update. Henry
As the title says, my old laptop was stolen how do I remove access to my Microsoft account form it?
Stolen asus laptop s/n f6n0cv02692323a in AntiVirus, Firewalls and System Security
Hi guys, new to this forum and requesting any possible help. My laptop has been stolen and I didn't have any tracking program installed. Is there any way it can be located again? It also has a password on the startup lockscreen but I am not sure if...
Would Windows 10 Phone affected by the same virus with Win 10 PC? in AntiVirus, Firewalls and System Security
So I just had a thought: if Windows 10 for Phone can run continuum and be a PC, then a virus or any malicious software can infect a phone just like it would in a laptop/desktop? Another thought: what if the virus can manipulate OneDrive sync and...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 23:03.
Find Us