You are here
Home > Tech and Gadgets > Microsoft: Previous Windows patches fixed newly leaked NSA exploits

Microsoft: Previous Windows patches fixed newly leaked NSA exploits

Microsoft said it has already patched vulnerabilities revealed in Friday’s high-profile leak of suspected U.S. National Security Agency spying tools, meaning customers should be protected if they’ve kept their software up-to-date.

Friday’s leak caused concern in the security community. The spying tools include about 20 exploits designed to hack into old versions of Windows, such as Windows XP and Windows Server 2008.

However, Microsoft said several patches—one of which was made only last month—address the vulnerabilities.

“Our engineers have investigated the disclosed exploits, and most of the exploits are already patched,” the company said in a blog post late on Friday.

Three of the exploits found in the leak have not been patched but do not work on  platforms that Microsoft currently supports, such as Window 7 or later and Exchange 2010 or later. 

“Customers still running prior versions of these products are encouraged to upgrade to a supported offering,” the company said.

Matthew Hickey, director of security firm Hacker House, has looked over the leaks and agrees with Microsoft’s assessment.

He advises that businesses, which often delay patches for operational purposes, move quickly to install the Microsoft fixes to mission critical servers.  Hickey demonstrated in a video that one of the exploits in the leak can easily trigger remote code execution in a machine running Windows Server 2008 R2 SP1.

America One
Big Article Zone
Commutee
Public News 4U
Quality Tech News
Same Day Newspaper
Tech News All
Today Newspaper