Hacking group the Shadow Brokers has today dumped a new collection of Windows hacks used by the NSA to target computers on the web.
The collection is believed to contain a number of Zero-day exploits with the LawFare security blog quipping “I’m only being somewhat glib in suggesting that the best security measure for a Windows computer might be to just turn it off for a few days.”
It is believed it would be really easy for so-called “script kiddies” to weaponize the hacks with the exploits affecting a number of products.
“There appears to be at least several dozen exploits, including zero-day vulnerabilities in this release. Some of the exploits even offer a potential ‘God Mode’ on select Windows systems. A few of the products targeted include Lotus Notes, Lotus Domino, IIS, SMB, Windows XP, Windows 8, Windows Server 2003, and Windows Server 2012,” said Cris Thomas, a strategist and Tenable Network Security.
Most of the exploits are targeted at older versions of Windows, with the newest seemingly targeting Windows 8. Hopefully, much of the holes have already been filled in the intervening years.
A Microsoft spokesperson said, “We are reviewing the report and will take the necessary actions to protect our customers.”