Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Exploits Ported To Work on All Windows Versions Released Since Windows 2000 (bleepingcomputer.com)

Posted by msmash on from the security-woes dept.

Catalin Cimpanu, reporting for BleepingComputer: A security researcher has ported three leaked NSA exploits to work on all Windows versions released in the past 18 years, starting with Windows 2000. The three exploits are EternalChampion, EternalRomance, and EternalSynergy; all three leaked last April by a hacking group known as The Shadow Brokers who claimed to have stolen the code from the NSA. Several exploits and hacking tools were released in the April 2017 Shadow Brokers dump, the most famous being EternalBlue, the exploit used in the WannaCry, NotPetya, and Bad Rabbit ransomware outbreaks.

45 of 95 comments (clear)

  1. What about Eternal Death Slayer by HumanWiki · · Score: 1

    4.... "It's EDS 4."

  2. Windows always excelled at backward compatibility by JoeyRox · · Score: 5, Funny

    That's called taking care of your installed base.

  3. Penguin by Anonymous Coward · · Score: 1

    I guess Linus and his penguin flock will be having a field day.

  4. Are any of these true 'remote explots'? by Anonymous Coward · · Score: 1

    Or must you visit a malicious web site, or firewalls be down, open shares and what not? I'm generally only worried about true remote exploits, the last I knew of for Windows was in 2001ish, "MS Blast".

  5. The good old days by DNS-and-BIND · · Score: 2, Funny

    Remember when we chalked the NSA up on our side? They might have been a secretive government agency, but no matter what they did they had our interests at heart. Those were the days, weren't they?

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    1. Re:The good old days by DNS-and-BIND · · Score: 4, Insightful

      They no longer regard themselves as under the control of the elected government. James Clapper was director of National Intelligence when he lied under oath to Congress and the American people saying we were not spying on innocent Americans. Good thing Scandal Free Obama was in charge and the media didn't care.

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    2. Re:The good old days by DNS-and-BIND · · Score: 1, Insightful

      Yeah, we know. You hate us Americans. Don't think that you need to repeat yourself: I'm here to tell you, your message has been received, loud and clear.

      All I'm hearing is that non-Americans want Americans to act not in the best interests of themselves, but the best interests of non-Americans and special interests. I don't really give a rat's ass, and it's particularly hilarious coming from Europeans.

      "Americans cannot care more for your childrenâ(TM)s future security than you do."

      -- Maddog Mattis

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    3. Re:The good old days by HiThere · · Score: 3, Insightful

      Given the currently known evidence, it actually does appear that in the 1960's the NSA was partially on the side of secure communications. It's true they argued for a key short enough that they could break it, but they also argued for some program changes that nobody else understood, but which eventually turned out to patch the program to make it more difficult to break.

      The problem is that the NSA is inherently two different organizations with conflicting goals. One is supposed to secure communications, and the other is supposed to spy on them. (Nevermind that it's only supposed to spy on foreigners. That's irrelevant to the point.) Unfortunately the spys are more adept at politics than the security researchers, so they appear have come to totally dominate the agency...and as a result nobody sensible trusts anything related to it.

      --

      I think we've pushed this "anyone can grow up to be president" thing too far.
    4. Re:The good old days by sjames · · Score: 1

      Neither of them are supposed to act like bumbling fools and release 0 day exploits to hacker groups. Three of the most damaging crypto locker type attacks out there can be directly attributed to the idiots at the NSA that couldn't secure their weapons.

      I'm pretty sure irresponsible idiots running around with weapons isn't in anyone's interest.

  6. Re:Windows always excelled at backward compatibili by rsilvergun · · Score: 1

    Yeah, but you get much better framerates in Win 10 thank to Direct X 12. Sadly they're a Windows Store exclusive.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  7. Dodged a bullet there... by rwbaskette · · Score: 4, Funny

    ... I'm still running NT Workstation

    1. Re:Dodged a bullet there... by IWantMoreSpamPlease · · Score: 2

      I know you jest, but I actually installed NT 4.0 workstation last year onto a laptop built in the post 2000 era.
      *Very* challenging (drivers being a huge issue), but in the end, I had a laptop that booted in seconds, and was quite useless online (but it was funny to see webpages attempt to render on a platform that didn't recognize the web-programming languages.)

      One of the biggest challenges was simply finding SPs and patches. MS of course wiped them all out, and many websites were simply pointing back to MS's site for the files. In the end I found all the patches and tricks I needed, but my we have come a long way from NT days...

      --
      So rise up, all ye lost ones, as one, we'll claw the clouds.
    2. Re:Dodged a bullet there... by AmiMoJo · · Score: 1

      I'm surprised it booted so fast. I used one of the Alpha versions of NT (v3?) which was pretty slow, but Server was far worse. Had one machine doing Lotus that took 30 minutes to reboot, although that might have been IBM's fault.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    3. Re:Dodged a bullet there... by IWantMoreSpamPlease · · Score: 1

      This was a naked NT 4 Workstation. It was such a chore getting everything working right, that I really didn't bother putting any software on it. Opera and ad-muncher, and that was it.

      So once you went past the BIOS load-up screens, yeah, NT zipped right along.

      --
      So rise up, all ye lost ones, as one, we'll claw the clouds.
    4. Re:Dodged a bullet there... by IWantMoreSpamPlease · · Score: 1

      Whoosh.
      That's the sound of the post going over your head.
      But apparently you're too stupid to realize that.

      --
      So rise up, all ye lost ones, as one, we'll claw the clouds.
    5. Re:Dodged a bullet there... by aliquis · · Score: 1

      I boot Windows 10 in seconds. And I don't even have a fast SSD.

      i7 8700K on Z370-F Strix with Samsung EVO 850 SATA 250 GB.

  8. Re:So we were right all along by julian67 · · Score: 1

    This can be mitigated via echolonic irrigation. Pro Tip: take good care of your phat pipe.

  9. Good news everyone! by Virtucon · · Score: 3, Funny

    At least the NSA won't be able to use those exploits anymore.

    --
    Harrison's Postulate - "For every action there is an equal and opposite criticism"
  10. When are they releasing the Windows 2000 patch? by jfdavis668 · · Score: 1

    This could turn into a big issue unless Microsoft releases a patch for all those older versions.

    1. Re:When are they releasing the Windows 2000 patch? by mnemotronic · · Score: 2

      Consider Microsoft's position:
      Many of the operating systems are on End-of-Life status which means this product will no longer receive assisted support or security updates from Microsoft. These OSs are still widely used and are now even more vulnerable, if that's possible.
      Microsoft is in a bind. They could provide patches for these vulnerabilities, or restate their policy: "Your're on your own bucko". How many people left at Microsoft worked on the Windows 2000 software or remember it? If MS does somehow figure out how to patch these OSs, then I can see that as setting a precedent that says they will provide security fixes in certain situations. That's the kind of vague context that lawyers love and could lead to future class action lawsuits when they refuse to fix a bug that caused problems for someone. "Hey Microsoft, you did a fix for Eternal Blue but didn't do one for Never Ending Orange and my data got stolen! It's your fault."

      --
      The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
    2. Re:When are they releasing the Windows 2000 patch? by jfdavis668 · · Score: 1

      If someone else can port the exploit to Windows 2000, Microsoft should be capable of porting the fix.

    3. Re:When are they releasing the Windows 2000 patch? by mnemotronic · · Score: 1

      If someone else can port the exploit to Windows 2000, Microsoft should be capable of porting the fix.

      Possibly, but is it cost-effective and can it be achieved within reasonable time constraints? IMHO, information warfare, like terrorism, is asymmetric. It's easier to burn a bridge than to design and build it.

      --
      The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  11. You don't steal from the NSA unless... by Viol8 · · Score: 2

    ... you worked there. The chances of Mr A Random Hacker gaining access to their core systems are as close to zero as makes no difference. If original code is truly from the NSA then it was leaked by an employee.

    1. Re:You don't steal from the NSA unless... by Anonymous Coward · · Score: 1

      two things every IT veteran knows:
      1. never discount the improbable
      2. shit happens

    2. Re:You don't steal from the NSA unless... by AHuxley · · Score: 1

      Contractors changed all that. The days of compartmentalization ended in Vietnam. After that it was all about budget and showing political leaders its was all private sector savings and using advanced products and market forces.
      Lots of contractors and private sector networks rented their services back to the NSA per mission. The US mil/gov "contractor" staging servers held out for many years online but someone finally tracked some bot, automated network back to a NSA contractor.
      With correct US gov compartmentalization that would have been an empty front company with nothing more than what was needed for one mission.
      With the contractor it was the full cyber tool set on a server because a contractor is allowed to have all the tools they need for any mission, ready to rent back to the US gov.

      --
      Domestic spying is now "Benign Information Gathering"
    3. Re:You don't steal from the NSA unless... by sjames · · Score: 1

      Or some idiot violated security protocols.

  12. "All versions", yeah right by ET3D · · Score: 3, Interesting

    Interesting that he went for a 2 year old version of Windows 10. Would have been much more interesting if he tested the latest patched versions of all OS's. If he did that for Windows 10, won't surprise me if he also used unpatched versions of Windows 8.1 and 7.

    1. Re:"All versions", yeah right by Anonymous Coward · · Score: 2, Informative

      Interesting that he went for a 2 year old version of Windows 10. Would have been much more interesting if he tested the latest patched versions of all OS's.

      He did, although you have to read the article linked in the article linked from the summary to know this.

      He tested on FOUR different versions of Windows 10:
      10.10240 - vulnerable
      10.10586 - vulnerable
      10.14393 - vulnerable
      10.16299 - NOT VULNERABLE

      Also 10.16299 is from October 2017, which is only 5 months old right now, not 24 months as you imply.
      10.10586 and 10.14393 are both not 24 months old yet either.
      Only one version in that list, 10.10240, is more than 24 months old. But seeing as four isn't one as you claim, I'm not counting that as a correct statement either.

      If he did that for Windows 10, won't surprise me if he also used unpatched versions of Windows 8.1 and 7.

      Of course he did, and says so. He also tested the fully patched versions along with them.

      Windows 7: Release version, SP0, SP1, and SP1 with the KB3020369 rollup.
      The first ones are older unpactched versions, or specifically for SP0 and SP1, they are patched just not the latest patches.
      The latest would be the KB3020369 rollup, which is also vulnerable.

      Windows 8.1: Release version, Evaluation 9600, and SP1.
      The first is unpatched, the second is the beta for SP1 so is patched but not the latest patches, and SP1 is the latest. All are vulnerable.

  13. Re:yes but did you heard the eagles won the game by mnemotronic · · Score: 3, Funny

    I made a fair amount of money on that game. Monopoly money, of course ...

    Exchange it for BitCoins.

    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  14. Re:The NSA has ruined the internet by mnemotronic · · Score: 1

    If the NSA and other agencies worked on making US telecoms infrastructure and software more secure instead of ....

    I must be missing something. Isn't it the purview of the US telecoms and other companies that are creating, deploying and selling the infrastructure and software to ensure that it's secure, reliable and cost-effective, not the US government? That is, if they want customers.

    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  15. They are a government agancy first by Excelcia · · Score: 5, Interesting

    It's not the fact that the NSA isn't allowed to hack. It's the fact that they discovered multiple critical vulnerabilities in an OS used by hundreds of millions of American citizens and other American agencies and governments, and instead of disclosing it responsibly so that Americans would be protected, they sat on that information. Worse, they weaponized it, then they let the weapon escape out into the wild. NSA exploits are responsible for more billions of dollars in ransomeware attacks than any single source.

    The NSA failed to protect Americans, weaponized a weakness shared by virtually every citizen, and then failed to keep their weapons locked up. Imagine if the US Air Force lost a few nukes. The property damage by NSA leaks is about akin to dropping a nuke on medium sized city. The NSA leadership responsible for those decisions shouldn't just be fired, they should be hauled (in chains) before congress to answer publicly for those decisions. I cannot fathom why the American people aren't still howling for their arrest.

    1. Re:They are a government agancy first by Anonymous Coward · · Score: 1

      My generation stopped the NSA Clipper chip. What’s your generation’s excuse?

    2. Re:They are a government agancy first by humankind · · Score: 1

      How many phone calls did you make to your elected representatives demanding they do something about this? Oh wait, you expected someone else to solve the problem for you?

      Even if you're not in the states, like any citizen, part of your responsibility is to regularly lobby the government to represent your interests. This stuff happens everywhere, in every country where people expect some annointed king-like leader to solve all their problems and read their minds.

    3. Re:They are a government agancy first by VeryFluffyBunny · · Score: 3, Insightful

      How many phone calls did you make to your elected representatives demanding they do something about this? Oh wait, you expected someone else to solve the problem for you?

      Even if you're not in the states, like any citizen, part of your responsibility is to regularly lobby the government to represent your interests. This stuff happens everywhere, in every country where people expect some annointed king-like leader to solve all their problems and read their minds.

      Yes, that's the typical response of victim blamers and it's a load of bollocks.

      How are citizens supposed to do something when their political representatives actively avoid them, and everything that matters to people is taken out of democratic control, or made secret, e.g. that the NSA was spying on American citizens in the US without reasonable suspicion or probable cause?

      How would you like to blame voters who've been forced into a captive 2 party system dominated by corporate funding?

      And how about all the US citizens and party members who are denied their right to vote by closing down polling stations and disqualifying large numbers of votes? How would you like to blame them?

      When you have a participatory democracy instead of a representative one, you can blame the electorate for lack of participation. Don't shit on the unfortunate and disenfranchised.

      --
      Debate is a form of harassment. Do not question my truth.
  16. Re:Joke's boner him by Immerman · · Score: 1

    What does Windows ME have to do with anything? Even at the time everybody recognized it as a bad joke. The only people to use it were the suckers that bought a new computer without first making sure it was running 98 instead.

    --
    --- Most topics have many sides worth arguing, allow me to take one opposite you.
  17. Re:The NSA has ruined the internet by suutar · · Score: 1

    The NSA's charter has two goals: improve the security of US stuff, and penetrate the security of non-US stuff. They've apparently decided that attack is more important than defense and it's biting them (and everyone else) in the butt.

  18. Re:Windows always excelled at backward compatibili by NettiWelho · · Score: 1

    Yeah, but you get much better framerates in Win 10

    This experience isn't universal, in fact theres a thread on nvidia driver forums thousands of responses long complaining about massive performance issues in general on windows 10 but not a similar complaint mountain on windows 7(many people actually note that performance issues is not present on windows 7 on exactly same hardware setup) which was the most popular windows until literally a few days ago

  19. Re: Suuuure you did by Anonymous Coward · · Score: 1

    Intel ME is just a mirage!

  20. Re:What about new zero day exploits? by HiThere · · Score: 1

    Rather than "spineless", I would say "complicit".

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  21. Re:Thanks, Obama. by HiThere · · Score: 1

    I think you can fairly blame every president since Eisenhower...and possibly him.

    It's a systematic problem. When some gets into a position of power, they almost inevitably try to consolidate the power. If they weren't the kind of person who would do that, they wouldn't have schemed for the power in the first place. And the election system guarantees that only those nearly psychotically driven to gain power will be willing to put themselves through the process.

    So I recommend selecting government officials by lottery with minimal qualifications. (At least 2/3 of the adults in the country should be in the lottery.) We could hardly do worse than the current selection, and it would prevent "politicians" being pre-bribed before they took office. And it would ensure that all minorities were fairly represented (on the average). Then there's the need to address regulatory capture, so office holders should be forbidden from any gainful employment after retiring ... which means they need a decent retirement package...say, twice the median income.

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.
  22. Re:The NSA has ruined the internet by mnemotronic · · Score: 1

    The NSA's charter has two goals: improve the security of US stuff, and penetrate the security of non-US stuff...

    From what I can tell, their "improvement" is restricted to "national security information and systems". I didn't know that included Windows XP.

    From NSA story:
    NSA Mission
    NSA's Mission is to help protect national security by providing policy makers and military commanders with the intelligence information they need to do their jobs. NSA's priorities are driven by externally developed and validated intelligence requirements, provided to NSA by the President, his national security team, and their staffs through the National Intelligence Priorities Framework.

    From the NSA website:
    Mission Statement
    The National Security Agency/Central Security Service (NSA/CSS) leads the U.S. Government in cryptology that encompasses both Signals Intelligence (SIGINT) and Information Assurance (IA) products and services, and enables Computer Network Operations (CNO) in order to gain a decision advantage for the Nation and our allies under all circumstances.

    More from the NSA website:
    What is Information Assurance?
    Information Assurance involves preventing unauthorized access to sensitive or classified national security information and systems. The purpose of the Information Assurance mission is to keep others from stealing or tampering with our national security systems and information. This work not only keeps our vital information out of unauthorized hands, but helps ensure that the information our decision makers need is available and reliable when they need it.

    Under National Security Directive 42, the Director of NSA has responsibility for the security of national security information systems, covering the Department of Defense and other Federal departments and agencies. NSA/CSS also helps improve the security of critical operations and information by providing know-how and technology to suppliers and clients.

    Who are NSA/CSS' Customers?
    NSA/CSS provides intelligence products and services to the White House, executive agencies (such as CIA and the State Department), the Chairman and Joint Chiefs of Staff (JCS), military combatant commanders and component commands, military departments, multinational forces, and U.S. allies. In addition, we provide Information Assurance products and services to users of national security information systems and to government contractors, as required.

    --
    The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
  23. Re:The NSA has ruined the internet by suutar · · Score: 1

    Fair enough. You have a lot more detail there than wikipedia (their source is from 2014 anyway; it's been modified since then). Thanks for the references :)

  24. The perils of outsourcing :] by najajomo · · Score: 1

    Illustrating the perils of outsourcing your stuff to the private sector :]

    1. Re:The perils of outsourcing :] by AHuxley · · Score: 1

      That is what started all the problems. The NSA held up well against the Soviet Union and all its attempts into the 1980's.
      With the use of contractors the compartmentalization was finally lost.
      Every contractor had its own new ways and full tool lists. Staging servers could do anything for any mission at any time for a price.
      Contractors got let into more and more US gov secrets until the esprit de corps within the US gov, mil was replaced by contractors rent seeking.
      Political leaders backed the private sector as they got "results" for the same budget. States got new private sector consulting jobs and that was good for reelection.
      It all held together until the staging servers with all the tools got found. Why put so many tools in one staging server? Convenience for the private sector? Profit? It always just worked in the past?

      --
      Domestic spying is now "Benign Information Gathering"
  25. Re: Joke's boner him by Brockmire · · Score: 1

    There was a hybrid 98/me build you could make that added the few ME features and improvements and run on a 98 install. I think I cleared that shit from my local drives years ago and forget the name of that project.