Hacker group Shadow Brokers leaked a pack of tools that allegedly belong to the NSA and which were used for breaking into Windows systems across the world, with almost every single Windows version out there said to be vulnerable to attacks.
The news instantly made the headlines mostly because the timing of the leak was terrible for the security of Windows users, as it happened before the weekend and during the Easter holiday for many, thus making mitigation deploying rather slow.
And although it looked like the end of the world for Windows users, as some experts have called it, Microsoft says there’s absolutely no reason to be worried.
The leaked tools attempt to exploit vulnerabilities that have already been patched, Microsoft says in a statement today, so if you bring your system fully up to date, there’s no chance hackers can hijack your system.
“Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products,” Microsoft says in a statement.
Old security flaws
One of the vulnerabilities is really old, the company indicates, as it’s been fixed before the release of Windows Vista, while others were addressed with more recent bulletins.
The key word in Microsoft’s statement, however, is the “supported” term, and this means that only Windows versions still receiving updates are secure. Windows XP, for example, could be vulnerable to attacks, as it no longer gets updates since April 2014.
“Of the three remaining exploits, ‘EnglishmanDentist’, ‘EsteemAudit’, and ‘ExplodingCan’, none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk. Customers still running prior versions of these products are encouraged to upgrade to a supported offering,” Microsoft says.
Some security experts recommended users to go offline during the weekend or until a patch is released, but Microsoft says all you have to do is make sure that your computer is fully updated, no matter the Windows version. So if you are running Windows 7 or newer and all updates are installed, the NSA Windows hacks leak shouldn’t affect you.