Stories
Slash Boxes
Comments

SoylentNews is people

Fearing Shadow Brokers Leak, NSA Reported Critical Flaw to Microsoft

posted by on Sunday May 21 2017, @08:07PM   Printer-friendly
from the better-late-than-never dept.

Fnord666 writes:

After learning that one of its most prized hacking tools was stolen by a mysterious group calling itself the Shadow Brokers, National Security Agency officials warned Microsoft of the critical Windows vulnerability the tool exploited, according to a report published Tuesday by The Washington Post. The private disclosure led to a patch that was issued in March.

Those same NSA officials, according to Tuesday's report, failed to communicate the severity of the vulnerability to the outside world. A month after Microsoft released the patch, the Shadow Brokers published the attack code, code-named EternalBlue, that exploited the critical Windows vulnerability. A month after that, attackers used a modified version of EternalBlue to infect computers around the world with malware that blocked access to data. Within hours of the outbreak of the ransomware worm dubbed WCry, infected hospitals turned away patients; banks, telecommunications companies, and government agencies shut down computers.

"NSA identified a risk and communicated it to Microsoft, who put out an immediate patch," Mike McNerney, a former Pentagon cybersecurity official and a fellow at the Truman National Security Project, told The Washington Post. The problem, he said, is that no senior official took the step of shouting to the world: "This one is very serious, and we need to protect ourselves."

Source: ArsTechnica

Original Submission

 
This discussion has been archived. No new comments can be posted.
Fearing Shadow Brokers Leak, NSA Reported Critical Flaw to Microsoft | Log In/Create an Account | Top | 19 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Interesting) by meustrus on Monday May 22 2017, @02:13PM

    by meustrus (4961) on Monday May 22 2017, @02:13PM (#513492)

    This disclosure is great! Props to Shadow Brokers for making us all safer from the NSA.

    Now let's close all the holes the Russians, Chinese, N. Korean, and other hostile foreign powers have. While we're at it let's eliminate the hacks that criminal organizations use to competently extort money and steal corporate secrets. And can we please fix the design vulnerabilities in HTML and other interfaces that allow our new tech overlords to track us and establish Orwellian profiles of our behavior for uses still not entirely decided upon?

    There isn't just one NSA-shaped boogeyman. The enemy to our personal liberty is found in all such large concentrations of power.

    --
    If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3