Microsoft late on Friday said it had determined that prior patches to dozens of software versions had fixed the flaws that apparently were exploited by nine of the NSA programs.
A new set of documents purportedly lifted from the U.S. National Security Agency suggests that American spies have burrowed deep into the Middle East's financial network, apparently compromising the Dubai office of the anti-money laundering and financial services firm EastNets. The Shadow Brokers also published a number of Unix-focused exploits that were allegedly stolen from the National Security Agency (NSA).
"We have investigated and confirmed that the exploits disclosed by the Shadow Brokers have already been addressed by previous updates to our supported products".
On one hand, Microsoft showed the value of its patching services and mechanisms by thwarting these exploits before they were released; on the other hand, if the company is working that closely with the NSA, this may not sit well with some individuals.
EastNets yesterday described the reports as "totally false and unfounded", and said that an internal check of its servers had not uncovered any compromise or vulnerability.
Despite the indication that the NSA notified Microsoft of the vulnerabilities contained in the leaks, some technical experts expressed doubts that the NSA always follows this rule when necessary. Trillions of dollars are transferred through SWIFT each day, and over 11,000 banks and securities organizations in over 200 countries use SWIFT. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network's smaller clients and may send or receive messages regarding money transfers on their behalf. In a statement on its blog, Microsoft clarified that the exploits from the "Shadow Brokers" had already been patched. Belgium-based SWIFT on Friday downplayed the risk of attacks employing the code released by hackers and said it had no evidence that the main SWIFT network had ever been accessed without authorization.
The leaks appeared to be so serious that some security researchers were calling them a Windows apocalypse. One of Microsoft's fixes, also called a patch, was only released last month. These tools allowed NSA analysts to break into a range of systems, network equipment, and firewalls, and most recently included tools to target the Linux operating system, many of which were old and outdated.
"There is no impact on SWIFT's infrastructure or data, however, we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorised third parties".
While EastNets vehemently denied it was breached just hours after the dump, Microsoft took a more measured approach and said it was reviewing and testing the exploits. The three others affected old, unsupported products. While computers that run up-to-date versions of Windows aren't at risk from these exploits, a lot of machines are still running Windows XP, which is no longer supported by Microsoft, and these machines are vulnerable.