The hacking group Shadow Brokers last week revealed a large number of Windows vulnerabilities it claims to have stolen from the National Security Agency (NSA), but Microsoft said Friday that it has already patched most of them. The company has also rolled out new privacy settings through its recent Creators Update.
Nine exploits released by the Shadow Brokers have already been patched, while three others only affected users running older, unsupported versions of the Windows operating system, said principal security group manager Phillip Misner on Microsoft's TechNet IT portal. Misner said anyone with those older versions should upgrade their systems to avoid the vulnerabilities.
Since emerging last summer, the Shadow Brokers organization has published five leaks of zero-days and other vulnerabilities it claims to have taken from the NSA. The exploits the group revealed Friday included Windows vulnerabilities as well as hacking tools apparently used by the NSA to monitor messages about financial transactions through the SWIFT telecommunications network for banking.
'Lost in Translation' Leak
Described as the "Lost in Translation" leak, the Shadow Brokers' latest release has been called the group's most damaging dump to date by some news sources. The leak reportedly included "mentions of previously disclosed NSA top secret programs and software," according to Motherboard. The leak also included a tool that appeared to be linked to the Stuxnet computer worm that caused extensive damage to Iran's nuclear facilities in 2010.
The SWIFT-focused hacking tools included in last week's leak indicate "the U.S. National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks," Reuters reported on Friday.
Misner noted on the TechNet site that Microsoft has already patched many of the Windows exploits revealed in the leak.
"Of the three remaining exploits, 'EnglishmanDentist', 'EsteemAudit', and 'ExplodingCan', none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk," Misner said. "Customers still running prior versions of these products are encouraged to upgrade to a supported offering."
New Privacy, Security Options
Last Tuesday, Microsoft also began rolling out its latest big update for Windows 10. Dubbed the "Creators Update," the OS refresh introduced several new security and privacy controls.
A new privacy dashboard, for example, "lets you see and manage your activity data across multiple Microsoft services," Yusuf Mehdi, Windows and Devices Group vice president, wrote in a blog post on March 29. Activity covered in the dashboard includes search history, location data and browsing history for the Edge browser. Users also can specify what diagnostic and usage data is sent to Microsoft.
The Creators Update also added a new Windows Defender Security Center that gives enterprise users a centralized dashboard for controlling security preferences, as well as a Device Health Advisor.
The Creators Update accompanies a change in which Windows 10 Mobile devices Microsoft will continue to support, Windows and Devices Group software engineer Dona Sarkar noted in a blog post on Friday. They include the HP Elite x3 and the Microsoft Lumia 550, 640, 640XL, 650, 950, and 950XL, along with some other Alcatel, SoftBank, Vaio, MouseComputer, and Trinity devices.
"Devices not on this list will not officially receive the Windows 10 Creators Update nor will they receive any future builds from our development branch that we release as part of the Windows Insider Program," Sarkar said. "However, Windows Insiders who have devices not on this list can still keep these devices on the Windows 10 Creators Update at their own risk knowing that it's unsupported."