A group of hackers named Shadow Brokers has published a record that is a blatant threat to Windows users: they are hacking tools used by the NSA to attack Windows systems. Firstly, a large part of these attacks are still possible.
On Friday the hacker group Shadow Brokers published a series of exploits, which are from the NSA. These exploits allow the intelligence service to exploit weaknesses in software and to penetrate other systems. Many of the now released exploits are directed against different versions of Windows – apart from various server editions, Windows XP, Windows Vista, Windows 7 and Windows 8 are also affected.
According to security researchers, who are currently investigating the data, security gaps exist to date and allow hacking of Windows systems. In concrete terms, this means that hundreds of millions of Windows users are currently vulnerable until Microsoft releases security updates.
One of the tools that the NSA has named Fuzzbunch. According to the first investigations, this is a kind of toolkit, which is equipped with various exploits and can be used to carry out attacks against almost every Windows version.
Exploits directed against Windows 10 do not include the record. Users of the latest Microsoft operating system are not directly at risk. However, there is the possibility that some of the security holes may also exist in Windows 10 and can be exploited. The fact that no attacks against Windows 10 sits in the record is probably due to the time when the data of the NSA were stolen. It can be assumed that the secret service is now in a position to exploit security holes in Windows 10.
The current case shows how secret services are compromising the security of computer users easily and in their own interests. The exploits now released were publicly offered for sale in the summer of last year – the NSA would already have responded and warned affected software producers such as Microsoft to close the relevant security gaps.
This warning should have taken place no later than January, when the Shadow Brokers published a list of the exploits exploited. Even after this time, however, no warning of the secret services appeared. As a result, security holes are still present in numerous Windows versions. Until developers of malicious software exploit the exploits now released, only a few hours and days will pass. Microsoft can not react fast enough, close security gaps, and distribute updates. In addition, NSA did not consider it necessary to inform the company for at least four months.