Hacking tools were stolen from NSA - Almost all Windows affected

Page 4 of 15 FirstFirst ... 2345614 ... LastLast

  1. Posts : 16,278
    W10Prox64
       #31

    Update: April 15, 2017
    Late Friday night, Microsoft published a blog post stating that after an analysis of the ShadowBrokers leak, it had determined that most of the vulnerabilities were patched in a series of Windows updates released in March — updates that security researchers who analyzed the NSA tools apparently neglected to install. This means the exploits in question were not in fact “zero days” and that anyone running the most recent updates on software still supported by Microsoft is safe from the ShadowBrokers arsenal. But the timing of the patch in question is interesting: If Microsoft truly did not receive any help from the NSA, as it claims, the fact that it fixed a litany of holes vulnerable to secret NSA tools exactly a month before those tools were made public is an amazingly fortunate coincidence (curiously, Microsoft skipped the usual acknowledgements section with the patch, which typically nods to how they were informed of the threats fixed in a given update). At any rate, this is certainly good news for Windows users who keep their computers up to date, good news for Microsoft, and still very bad news for the NSA.
    Leaked NSA Malware Threatens Windows Users Around the World
    .
      My Computer


  2. Posts : 5,833
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       #32

    Thanks for that good news, @simrick.
      My Computers


  3. Posts : 16,278
    W10Prox64
       #33

    New Information


    10,000 Windows computers may be infected by advanced NSA backdoor | Ars Technica

    Security experts believe that tens of thousands of Windows computers may have been infected by a highly advanced National Security Agency backdoor. The NSA backdoor was included in last week's leak by the mysterious group known as Shadow Brokers.

    DoublePulsar, as the NSA implant is code-named, was detected on more than 107,000 computers in one Internet scan. That scan was performed over the past few days by researchers from Binary Edge, a security firm headquartered in Switzerland. Binary Edge has more here. Separate mass scans, one done by Errata Security CEO Rob Graham and another by researchers from Below0day, detected roughly 41,000 and 30,000 infected machines, respectively. To remain stealthy, DoublePulsar doesn't write any files to the computers it infects. This design prevents it from persisting after an infected machine is rebooted. The lack of persistence may be one explanation for the widely differing results.

    Not everyone is convinced the results are accurate. Even 30,000 infections sounds extremely high for an implant belonging to the NSA, a highly secretive agency that almost always prefers to abort a mission over risking it being detected. Critics speculate that a bug in a widely used detection script is generating false positives. Over the past 24 hours—as additional scans have continued to detect between 30,000 and 60,000 infections—a new theory has emerged: copycat hackers downloaded the DoublePulsar binary released by Shadow Brokers. The copycats then used it to infect unpatched Windows computers.
    In a statement issued several hours after this post went live, Microsoft officials wrote: "We doubt the accuracy of the reports and are investigating." For the moment, readers should consider the results of these scans tentative and allow for the possibility that false positives are exaggerating the number of real-world infections. At the same time, people should know that there's growing consensus that from 30,000 to 107,000 Windows machines may be infected by DoublePulsar. Once hijacked, those computers may be open to other attacks.
      My Computer


  4. Posts : 26,940
    Windows 10 (Pro and Insider Pro)
    Thread Starter
       #34

    Thanks for the update simrick.

    have read about it on Softpedia today. ARS is missing this statement, which is important from my point of view...

    Vulnerability patched in March
    The worst thing is that the vulnerability that hackers are trying to exploit was already patched by Microsoft in March this year with MS17-010, so this means that systems that got compromised weren’t actually running this update.
    The patch is aimed at systems running Windows Vista SP2 and newer, so users on Windows XP can be easily infected, with no way to deploy the patch because support is no longer provided. Everyone else needs to deploy the patch as soon as possible.
      My Computers


  5. Posts : 16,278
    W10Prox64
       #35

    AndreTen said:
    Thanks for the update simrick.

    have read about it on Softpedia today. ARS is missing this statement, which is important from my point of view..

    Vulnerability patched in March
    The worst thing is that the vulnerability that hackers are trying to exploit was already patched by Microsoft in March this year with MS17-010, so this means that systems that got compromised weren’t actually running this update.
    The patch is aimed at systems running Windows Vista SP2 and newer, so users on Windows XP can be easily infected, with no way to deploy the patch because support is no longer provided. Everyone else needs to deploy the patch as soon as possible.
    Yes - very important!
      My Computer


  6. Posts : 2,120
    Win 11 x 64 Home. Pro x 64 on Surface.
       #36

    its a dastardly plot by MS to make you all buy new pc's
      My Computer


  7. Posts : 16,278
    W10Prox64
       #37

    elbmek said:
    its a dastardly plot by MS to make you all buy new pc's
      My Computer


  8. Posts : 1,097
    Windows 10 Home x64 Version 1809 (OS Build 17763.437)
       #38

    simrick, you think his paranoia's showing?
      My Computer


  9. Posts : 16,278
    W10Prox64
       #39

    CWGilley said:
    simrick, you think his paranoia's showing?
      My Computer


  10. Posts : 2,120
    Win 11 x 64 Home. Pro x 64 on Surface.
       #40

    My paranoia is on the first Black Sabbath album.
    Attached Thumbnails Attached Thumbnails Hacking tools were stolen from NSA - Almost all Windows affected-dsc00161.jpg  
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:17.
Find Us




Windows 10 Forums