Hacking group the
Shadow Brokers yesterday dumped a new collection of Windows hacks used by the NSA to target PCs which were believed to contain a number of Zero-day exploits.
Microsoft has today published a response to the new leak, saying their engineers have investigated the disclosed exploits and reassured Windows users that most of the exploits have already been patched.
Microsoft, however, notes that these exploits were only patched “on supported products” and in particular note that 3 exploits, “EnglishmanDentist”, “EsteemAudit”, and “ExplodingCan”, could not be reproduced on “Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange” urging customers to upgrade to supported versions of the software.
Some of the exploits were patched only in the most recent Patch Tuesday, showing both the importance of keeping up to date with Microsoft’s patch cycle and not delaying updates and of keeping up with the OS upgrade cycle.
source:mspoweruser
