Microsoft Says Previous Windows Patches Fixed Newly Leaked NSA Exploits (pcworld.com) 48
Microsoft said it has already patched vulnerabilities revealed in last week's high-profile leak of suspected U.S. National Security Agency spying tools, meaning customers should be protected if they've kept their software up-to-date. From a report: Friday's leak caused concern in the security community. The spying tools include about 20 exploits designed to hack into old versions of Windows, such as Windows XP and Windows Server 2008. However, Microsoft said several patches -- one of which was made only last month -- address the vulnerabilities. "Our engineers have investigated the disclosed exploits, and most of the exploits are already patched," the company said in a blog post late on Friday. Three of the exploits found in the leak have not been patched but do not work on platforms that Microsoft currently supports, such as Window 7 or later and Exchange 2010 or later.
move along (Score:4, Insightful)
you are completely secure citizen. not that you had anything to hide... right?
Meh... (Score:2, Insightful)
I'd rather they fix the god damn default apps reseting themselves randomly for no good reason instead. Since the day Windows 10 came out it's been an issue. No I don't want Edge to be my default PDF reader, now stop reseting my shit!
Re: (Score:2)
god is a Luddite concept, we worship at the altar of AI which is a large touch screen with Apps that can ape apps with their deep learning neural networks... or something like that
It's the timing that is suspect. (Score:1)
They patched them in the months before they were released, which implies one of two things : Wikileaks contacted them ahead of the release, or the NSA contacted them ahead of the release.
Most of them are old fixes. Windows 2003 (Score:2)
ONE of the fixes was fairly recent. Most are old fixes for old exploits.
Our company actually has more recent code than the NSA has in this dump.
From our analysis so far, we're most concerned about Windows 2003.
Controlled Opposition Confirmed? (Score:1)
Get off my turf, punk! (Score:2)
"We're the only ones allowed to pwn our customers", says Microsoft to the NSA.
Re: (Score:2)
You left out the 'for free' bit, all of them play when the CIA/NSA/FBI pay (not to forget FSB or MSS). They only scream, Google, M$, Facebook et al, when they are forced to do it for free. They are quite content to do anything to you they can as long as they are paid. Come on people, they roll over for the government of China, they roll over the pretend enemy Russia and fucking hell they even roll over for Saudi Arabia the terrorist state, just as long as they are paid and paid millions of dollars to fuck y
The *real* question... (Score:3)
Re: (Score:2)
They don't need any new exploits, the whole damned OS is an exploitation framework. They send updates downstream, you will take them in bundles and you will like it peon, and then they collect telemetry upstream. 3, profit!!!
Hate to put this in text, but Win10 is decent. (Score:1)
I'm OEM so no third party participation and Win10 is a tiny freaking OS. My Mom had a preference of shopping with out me and bringing home Acers. I missed my games and went Windows 10 Pro and so far 2 Linux Mint OS's, but it's early - Asus's EFI-BIOS will not update
There are mistakes in the TOS (You read it if asked), one being who you get the updates from, MicroSoft and a tightly controlled thirds. If you use Autoruns https://technet.microsoft.com/... [microsoft.com] you will find a server running, while mayhaps a bad thi
Re: (Score:2)
You sound like a poorly written chat bot. I still don't know what the hell you are babbling about.
Re: (Score:2)
I've avoided Windows, but gaming won out.
My Win10 install is very minimal 7 directories, all of my malware sites have been shutdown so I used the EICAR test file.
I was still in the glow of that test it was entertaining tossing that file out and seeing if Defender picked up on it and it was found fairly quickly.
Problem here is all malware programs are written to catch the EICAR test file.
The glow is gone and my Linux Mint not booting after this large Windows update (No boot menu). Things are still the same I
Very bad title (Score:2)
The summary actually contradicts the title.
Three of the exploits found in the leak have not been patched but do not work on platforms that Microsoft currently supports, such as Window 7 or later and Exchange 2010 or later.
Many people still run XP and are at risk because of three unpatched flaws.
Auditing tools? (Score:2)