Modified NSA exploits also work on Windows 10

The exploits stolen from the NSA last year, which were believed to affect only older versions of Windows, were modified to be operational in all versions of the Microsoft operating system from Windows 2000 onwards.NSA

Sean Dillon security researcher RiskSense (also known as zerosum0x0 on Twitter) states that the three exploits he managed to convert are EternalChampion, EternalRomance, and EternalSynergy. EternalBlue, is another exploit of the NSA leaked by Shadow Brokers hacking group 2017. The exploit has already been used in the WannaCry and NotPetya ransomware distribution attacks.

What Dillon was able to do was modify the exploits to target two different vulnerabilities across Windows. These exploits were then included in the Metasploit Framework and can now affect even the latest operating systems, such as Windows 10, which were initially considered to be unaffected by NSA tools.

EternalSynergy can exploit the vulnerabilities CVE-2017-0143 and CVE-2017-0146. EternalRomance can only exploit CVE-2017-0143 vulnerability, while EternalChampion only CVE-2017-0146.

In the documentation published in GitHub, Dillon explains that vulnerable targets are the versions of Windows released between 2000 and 2016, and attackers can acquire up to administrator privileges.

What is important to know is that these new exploits can compromise a system only if it is not patched, so it is very critical for all Windows users to immediately install all the latest security updates.

Those of you who are using Windows XP or Windows Vista, ie operating systems that no longer receive security updates, should upgrade to a larger version of Windows.

Registration in via Email

Enter your email to subscribe to the email notification service for new posts.

Read them Technology News from all over the world, with the validity of

Follow us on Google News at Google news