A group calling itself the Shadow Brokers has publicly released a collection of hacking tools that were allegedly stolen from a US intelligence agency. The released tools are affecting multiple software products and operating systems.
eSentire expects that these leaked tools will be used actively by cybercriminals. Documents which accompanied the disclosure are said to reveal targeted intelligence operations against major companies including SWIFT. These claims have not been publically confirmed.
- The majority of Windows related vulnerabilities have been patched in the March 14, 2017 security update. Ensure that appropriate MS security updates are applied to all affected products.
- Contact affected vendors for patch availability.
- Migrate away from any end-of-life Microsoft products as soon as possible.
- Exposed software includes the following products:
- RedHat 7.0 - 7.1
- Sendmail 8.11.x
- Solaris 6, 7, 8, 9 & 10 (possibly newer)
- Samba 3.0.x
- IBM Lotus Notes & IBM Lotus Domino 6.5.4 - 8.5.2
- IMail 7.04 - 8.22
- Windows NT4.0, 2000, XP SP1 & SP2, VISTA, 2003 SP1, 2008 and 2008 R2, Windows 7 SP1, Windows 8
- The vulnerability does not affect Microsoft Office on Mac OS X.