NSA Exploits Ported To Work on All Windows Versions Released Since Windows 2000 (bleepingcomputer.com)

← Back to Stories (view on slashdot.org)

NSA Exploits Ported To Work on All Windows Versions Released Since Windows 2000 (bleepingcomputer.com)

Posted by msmash on Monday February 5, 2018 @02:46AM from the security-woes dept.

Catalin Cimpanu, reporting for BleepingComputer: A security researcher has ported three leaked NSA exploits to work on all Windows versions released in the past 18 years, starting with Windows 2000. The three exploits are EternalChampion, EternalRomance, and EternalSynergy; all three leaked last April by a hacking group known as The Shadow Brokers who claimed to have stolen the code from the NSA. Several exploits and hacking tools were released in the April 2017 Shadow Brokers dump, the most famous being EternalBlue, the exploit used in the WannaCry, NotPetya, and Bad Rabbit ransomware outbreaks.

1 of 95 comments (clear)

Min score:

Reason:

Sort:

Re:"All versions", yeah right by Anonymous Coward · 2018-02-05 06:53 · Score: 2, Informative

Interesting that he went for a 2 year old version of Windows 10. Would have been much more interesting if he tested the latest patched versions of all OS's.

He did, although you have to read the article linked in the article linked from the summary to know this.
He tested on FOUR different versions of Windows 10:
10.10240 - vulnerable
10.10586 - vulnerable
10.14393 - vulnerable
10.16299 - NOT VULNERABLE
Also 10.16299 is from October 2017, which is only 5 months old right now, not 24 months as you imply.
10.10586 and 10.14393 are both not 24 months old yet either.
Only one version in that list, 10.10240, is more than 24 months old. But seeing as four isn't one as you claim, I'm not counting that as a correct statement either.

If he did that for Windows 10, won't surprise me if he also used unpatched versions of Windows 8.1 and 7.
Of course he did, and says so. He also tested the fully patched versions along with them.
Windows 7: Release version, SP0, SP1, and SP1 with the KB3020369 rollup.
The first ones are older unpactched versions, or specifically for SP0 and SP1, they are patched just not the latest patches.
The latest would be the KB3020369 rollup, which is also vulnerable.
Windows 8.1: Release version, Evaluation 9600, and SP1.
The first is unpatched, the second is the beta for SP1 so is patched but not the latest patches, and SP1 is the latest. All are vulnerable.