
Microsoft fixed zero-day vulnerabilities in its software long before they were revealed by the Shadow Brokers group.



US cyber-espionage organizations and ordinary cyber criminals are now having a hard time. Many software vulnerabilities in products from various vendors have become known thanks to the work of the hacker group Shadow Brokers, WikiLeaks, and other organizations, including Symantec. As a result, IT companies are reviewing and fixing their software, which makes it impossible for anyone to exploit a large number of "holes" in it.

Microsoft, as it turned out recently, fixed all of the zero-day vulnerabilities that Shadow Brokers disclosed back in March. The group released its first batch of exploits in August 2016. Its members did not create any of what they published; the software belongs to another hacker group, the Equation Group, which is known to be associated with the NSA.

Shadow Brokers decided to publish the set of exploits as a protest against the policies of Donald Trump, for whom members of the group had voted.

After examining the contents of the exploit archive, Microsoft employees promptly began fixing the vulnerabilities it exposed. Recently, the corporation announced that all the vulnerabilities mentioned by the hackers have been eliminated. This was done with the updates that Microsoft designates MS17-010, CVE-2017-0146, and CVE-2017. In its statement, the corporation says that it had no contact with the NSA and that the problems in the software were not reported to Microsoft.

| Code name | Solution |
|---|---|
| "EternalBlue" | Addressed by MS17-010 |
| "EmeraldThread" | Addressed by MS10-061 |
| "EternalChampion" | Addressed by CVE-2017-0146 & CVE-2017-0147 |
| "ErraticGopher" | Addressed prior to the release of Windows Vista |
| "EsikmoRoll" | Addressed by MS14-068 |
| "EternalRomance" | Addressed by MS17-010 |
| "EducatedScholar" | Addressed by MS09-050 |
| "EternalSynergy" | Addressed by MS17-010 |
| "EclipsedWing" | Addressed by MS08-067 |



It became known a day before Microsoft's publication that none of the vulnerabilities disclosed by Shadow Brokers still works. This may mean that Windows users are relatively safe, at least those who regularly update their OS. In large organizations, where updates are installed centrally, all of these vulnerabilities may still be relevant. In any case, we are talking about EternalBlue, EternalChampion, EternalSynergy and EternalRomance.

What is more interesting, though, is how Microsoft was able to find out about the imminent publication of the exploits a month before the Shadow Brokers announcement. Perhaps the group itself was in contact with Microsoft, because, as mentioned above, the corporation denies contact with the NSA.

If this assumption is correct, then Microsoft probably paid Shadow Brokers for this information without publicizing its actions.



Another assumption is that Microsoft independently discovered the problem areas in its software, without the help of the NSA or the hacker group. This is quite possible, since other vulnerabilities announced by the group and related to Windows XP, Windows Server 2003, Exchange 2007, and IIS 6.0 remained unpatched.


Interestingly, after the release of the exploits, most network security experts announced that these tools do work against Microsoft products. A bit later, the cybersecurity experts admitted the mistake, but the fact that many of them had previously declared the vulnerabilities to be working suggests that they simply did not check the Windows Update log and did not see any mention of the zero-day vulnerability patch.

Source: https://habr.com/ru/post/403247/

