The exploits that were stolen by the NSA last year and were thought to only affect older versions of Windows, τροποποιήθηκαν για να μπορούν να είναι λειτουργικά σε όλες τις εκδόσεις του λειτουργικού συστήματος της Microsoft from Windows 2000 and later.
Sean Dillon security researcher RiskSense (also known as zerosum0x0 on Twitter) reports that the three exploits he managed to convert are EternalChampion, EternalRomance, and EternalSynergy. The EternalBlue, είναι ένα άλλο exploit της NSA που διέρρευσε από την hacking ομάδα Shadow Brokers in 2017. The exploit has already been used in the WannaCry and NotPetya ransomware distribution attacks.
What Dillon was able to do was modify the exploits to target two different vulnerabilities across Windows. These exploits were then included in the Metasploit Framework and can now affect even the latest operating systems, such as Windows 10, which were initially considered to be unaffected by NSA tools.
EternalSynergy can exploit the vulnerabilities CVE-2017-0143 and CVE-2017-0146. EternalRomance can only exploit CVE-2017-0143 vulnerability, while EternalChampion only CVE-2017-0146.
In the documentation published in GitHub, Dillon explains that vulnerable targets are the versions of Windows released between 2000 and 2016, and attackers can acquire up to administrator privileges.
What is important to know is that these new exploits can only compromise a system if it is not patched, so it is very critical for all Windows users to install all the latest updates immediately security.
Those of you who are using Windows XP or Windows Vista, ie operating systems that no longer receive security updates, should upgrade to a larger version of Windows.