Microsoft says it's patched flaws exposed in leak of NSA hacks
- Author: Arturo Norris Apr 17, 2017,
Apr 17, 2017, 14:58
But three exploits - going by the names EnglishmanDentist, EsteemAudit, and ExplodingCan - were not reproducible in supported products, Misner said.
The Swift network allows banks to move money around the world and the leaked files indicate one of its major bureaus, EastNets, may have been hacked.
According to ZDNet and Hacker Fantastic on Twitter, the tools and exploits affect Windows 2000, Windows XP, Windows 7, Windows 8, as well as their server-side variants like Server 2000, 2003, 2008, 2008 R2 and 2012. Security experts say that this could be damaging to the global banking system if the spy tools are used to hack its vulnerabilities.
EastNets yesterday described the reports as "totally false and unfounded", and said that an internal check of its servers had not uncovered any compromise or vulnerability. Snowden previously released files showing the NSA had the ability to intercept SWIFT messages.
Matt Suiche, founder of cybersecurity firm Comae Technologies, wrote in a blog post that screen shots indicated some SWIFT affiliates were using Windows servers that were vulnerable at the time, in 2013, to the Microsoft exploits published by the Shadow Brokers.
"We mandate that all customers apply the security updates within specified times", SWIFT said in a statement.
The dump of Windows exploits - arguably affecting the most people and organizations and likely to cause the most damage and embarrassment to the intelligence agency - has been expected since the hacking group first emerged on the scene previous year. They did admit, however, that it was possible that the local networking systems of some individual SWIFT users may have been breached.
When hacking group "Shadow Brokers" started leaking NSA-discovered exploits, many people were understandably anxious.
Although some records bear NSA seals, their authenticity has yet to be confirmed. Microsoft issued the fix last month, but it's unclear how the company learned of the security issue.
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardised and reliable environment.
The NSA could not immediately be reached for comment, but SWIFT said in a statement that the hacking involved only its service bureaus and not its own network. However, SWIFT and EastNets told reporters that there has been no unauthorized access so far on its networks.
Several of the files we've seen appear to be "top secret" in classification, such as JeepfleaMarket, which appears to utilize the Jeepflea program to collect data on servers at least nine worldwide banks. The hack also revealed how to break into Microsoft software. In some cases, coverage for specific tools or vulnerabilities was already available prior to today's information release.