The exploits stolen from the NSA last year, which were believed to affect only older versions of Windows, were modified to be operational in all versions of the Microsoft operating system from Windows 2000 onwards.
The security researcher Sean Dillon of RiskSense (aka zerosum0x0 on Twitter) states that the three exploits he managed to convert are EternalChampion, EternalRomance, and EternalSynergy. EternalBlue, is another exploit of the NSA leaked by Shadow Brokers hacking group 2017. The exploit has already been used in the WannaCry and NotPetya ransomware distribution attacks.
What Dillon was able to do was modify the exploits to target two different vulnerabilities that exist in all Windows. These exploits were subsequently included in the Metasploit Framework and can now affect even newer operating systems, such as Windows 10, which were originally thought to be unaffected by tools of the NSA.
EternalSynergy can exploit the vulnerabilities CVE-2017-0143 The estate provides stunning sea views and offers a unique blend of luxury living and development potential CVE-2017-0146. EternalRomance can only exploit CVE-2017-0143 vulnerability, while EternalChampion only CVE-2017-0146.
In the documentation published in GitHub, Dillon explains that vulnerable targets are the versions of Windows released between 2000 and 2016, and attackers can acquire up to administrator privileges.
Αυτό που είναι σημαντικό να γνωρίζουμε είναι ότι αυτά τα νέα exploits μπορούν να θέσουν σε κίνδυνο ένα system μόνο αν δεν είναι patched, οπότε είναι πολύ κρίσιμο για όλους τους χρήστες των Windows να εγκαταστήσουν άμεσα όλες τις πιο πρόσφατες updates security.
Those of you using Windows XP or Windows Vista, i.e. operating systems that no longer receive security updates, you should upgrade to a higher version of Windows.