Microsoft has patched the vulnerabilities that allowed nine of the exploits released by the Shadow Brokers on Friday to work, and said that of the three remaining exploits, none will work on supported platforms (Windows 7 and newer versions of the OS, or Exchange 2010 and newer versions of Exchange).
The list of addressed vulnerabilities (and the exploits they allowed) is as follows:
Roughly half of these flaws were fixed at one point or another in the past ten years or so, and patches for the other half were released in March 2017.
If the data dumped by the Shadow Brokers has been stolen from the Equation Group, and Equation Group has been linked to the NSA, it is perhaps safe to assume that the NSA did ultimately share information about those vulnerabilities with Microsoft, so that they can get fixed before Shadow Brokers revealed the stolen Windows exploits.
As it has been noted, the Shadow Brokers did name the exploits they got their hands on back in January, so the NSA knew that sooner or later they would be published.
It has also been noted that Microsoft did not, as it is their custom, give public thanks to those that flagged the vulnerabilities fixed in the March security update for Microsoft Windows SMB Server (security bulletin MS17-10), which adds fuel to the speculation that it was the NSA.
And if you remember, Microsoft skipped the scheduled February Patch Tuesday, and offered only a cryptic explanation that the February updates were delayed because they discovered a last minute issue that could impact some customers and was not resolved in time for their planned updates. The next Patch Tuesday – in March – closed a record number of vulnerabilities.
Of course, it is also possible that Microsoft has fixed some these vulnerabilities in March by mere chance.
Whatever the case may be, Microsoft advises users to make sure that their computers are up-to-date, and to upgrade to a supported Windows or Exchange version if they haven’t already.