February 7, 2018

A Security Researcher Tweaks Leaked NSA Exploits to Work on Every Windows Version Since 2000

Remember those exploits that were stolen from the NSA (National Security Agency) and published online by hacker group ‘The Shadow Brokers’ in April last year? Well, they can now hack any version of Windows, not just the older versions of Microsoft’s operating system.


Sean Dillion, a security researcher at RiskSense, has revealed how sophisticated NSA exploits can be tweaked to potentially impact all versions of Microsoft’s operating system, including Windows 10.

Dillion has modified the source code of three leaked NSA tools called EnternalRomance, EternalChampion, and EnternalSynergy – to make all of these runs on all of today’s major Windows versions. However, Dillon holds that his release was “created purely for the purposes of academic research and for the development of effective defensive techniques, and is not intended to be used to attack systems except where explicitly authorized.”

Going by the name of ‘zerosum0x0’ on GitHub, Dillon noted that his modifications to the source code exploit the CVE-2017-0143 and CVE-2017-0146 vulnerabilities in numerous versions of unpatched Windows OS. An attacker can compromise an affected Windows system and perform remote code execution and remote control operations.


Almost every version of Windows released since Windows 2000 is affected, including the 32-bit and 64-bit variants of Windows XP, Windows Server, Windows Vista, Windows 7, Windows 8, and Windows 10. Yes, even the Microsoft’s latest active operating system ‘Windows 10,’ which is believed to be safe from the modified exploits, is among the affected versions. However, the threat remains for older Windows 10 versions that aren’t secured with the patches released in March last year.

This isn’t the first time researchers have modified NSA exploits for research and pen-testing purposes. However, it’s probably the first time that nearly a decade worth of systems are vulnerable to these exploits.

To know more about the modified NSA exploit module, you can visit Dillion’s GitHub report.

About the author 


{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}