Microsoft has released a patch for Windows XP, to protect the OS from exploits NSA

About how dangerous can be spyware for companies and individuals, perhaps you can not talk. First of all, computers with an OS without updates, including anti-virus and other types of protection are vulnerable for such software products. This week, Microsoft made an unexpected move and released patches for Windows XP and other already unsupported versions of its operating system. This was done, first of all, to enable users of outdated software platforms to protect themselves from malicious software.

Microsoft updates operating systems that are no longer supported, not for the first time, but this happens very rarely. At the moment, only two more cases are known, except for this, when the company did the same. Microsoft may have reported something about an upcoming attack using the NSA exloits, or maybe it was all planned well in advance. But the same XP operating system works far not only on the computers of ordinary users, it is used by large companies (although not all and not always advertise it).

The update, which was released on Tuesday , includes fixes for the three exploits, which were made public by the Shadow Brockers group. Let me remind you that it was this group that laid out in the open access the software tools that the NSA used to conduct spyware events.
')
According to Microsoft, new patches reduce the risk of malicious attacks on networks and individual computers, primarily government organizations, in some cases we are talking about organizations on a national scale. That is why the company, along with regular updates, has released additional ones that have become available to all users, including those who work with outdated versions of Windows.

In addition to XP, the updates are released for Vista and Server 2003. First of all, they are directed against the NSA exploits, which are called “EsteemAudit,” “ExplodingCan,” and “EnglishmanDentist”. The first uses holes in the desktop access protocol, the second in IIS 6.0, the third in Microsoft Exchange Servers. Modern operating systems are not affected by the listed exploits. In order to take advantage of updates from Microsoft, you must manually download patches. You can find them here .

After the official announcement, there was a separate post from a member of the Microsoft security department, who hurried PC users to switch to new software platforms. According to him, they are less vulnerable to malicious software. As for the exceptional actions of Microsoft, then, in the opinion of this specialist, there are no oddities here.

“Our today's decision, which is to issue software updates for platforms that are no longer supported, should not be taken as a deviation from our usual policy. Based on the threat assessment made by our security engineers, we decided to release the updates, ”said Eric Doerr, head of the Microsoft Security Response Center.



By the way, in April it became known that Microsoft fixed zero-day vulnerabilities in its software long before they were revealed by the Shadow Brockers group. This was done in March.

The very same group laid out a set of exploits, which were previously used by the NSA, thus protesting against the policies of Donald Trump, who was hacked by the hackers. They only posted the exploits previously used by another hacker group, the Equiation Group, which is known to be associated with the NSA.

After the vulnerabilities were explored, it became clear that none of them work against Microsoft products. This was a surprise to many representatives of information security. In addition, the fact that updates have removed the threat to Windows users allows us to say that those who regularly install updates are in relative safety.

Perhaps Microsoft managed to eliminate the threat after communicating with representatives of Shadow Brockers themselves, unfortunately, nothing is known about this. Nevertheless, there are suggestions that the company paid the group for this information without in any way advertising its actions. It is possible, of course, that representatives of Microsoft and independently discovered problem areas, this is also not surprising.

Whatever it was, now users of almost all versions of Windows are in relative security - NSA exploits, in any case, known, do not threaten systems with installed updates.