Other researchers, pouring through the dump, say they are finding some hacking tools that are really unsafe and could impact most versions of Windows, including the type that runs on computer servers.
He's been among the researchers looking over the files and has found they contain about 20 different Windows-based exploits - four of which appear to leverage previously unknown software vulnerabilities.
Matthew Hickey, director of security firm Hacker House, has looked over the leaks and agrees with Microsoft's assessment. "This puts a powerful nation state-level attack tool in the hands of anyone who wants to download it to start targeting servers".
The dump of Windows exploits - arguably affecting the most people and organizations and likely to cause the most damage and embarrassment to the intelligence agency - has been expected since the hacking group first emerged on the scene past year.
Researchers who spent Friday sifting through TheShadowBrokers' code previously said that the tools exploited undisclosed vulnerabilities, a potentially serious development that anxious the security community.
Prior to Microsoft's hysteria-neutering blog post, security pros had been tearing apart the leaked cache of digital weapons, running the attack code on their test systems, and warning the world about the potential danger of anyone connected to the Internet with a Windows-based computer.
A Microsoft spokesman declared for ZDNet that "We are reviewing the report and will take the necessary actions to protect our customers".
Yesterday's data dump contained tools for hacking various Windows OS versions, and documents revealing the NSA's alleged implication in the hacking of several banks around the world, and EastNets, one of the SWIFT departments managing and monitoring SWIFT transactions across Middle East banks.
U.S. 'Era Of Patience' With North Korea Is Over - VP Pence
The US has leaned on China - North Korea's main ally - to apply pressure on Pyongyang to curtail its nuclear ambitions. The adviser spoke on condition of anonymity to discuss the administration's initial understanding of the launch.
As Marcy Wheeler of emptywheel points out, the NSA had at least 96 days to warn Microsoft about the extent of the leaks.
"We have no evidence to suggest that there has ever been any unauthorised access to our network or messaging services".
SWIFT is an global messaging network used by 10,000 banks in 212 countries to send information about financial transactions, including money transfers. 'I have been able to hack pretty much every Windows version here in my lab using this leak'.
Due to the detailed description of service bureau infrastructure in the Shadow Brokers documents, Suiche believes the leak could be harmful to the SWIFT network.
"EastNets continues to guarantee the complete safety and security of its customers' data with the highest levels of protection from its Swift-certified service bureau".
"Most of the exploits are already patched", Misner said.
"This is as big as it gets", Hickey said.
The Shadow Brokers documents, whose authenticity has not been verified by The National, suggest that the NSA has used access to EastNets systems to monitor Middle Eastern customers' financial transactions.
Comments