What Windows users need to know about the latest 'Shadow Brokers' exploits

Updated April 15, 2017: Microsoft says its supported products have already been patched against most of the exploits we reported on Friday.

Microsoft has released a public statement on the Shadow Brokers dump, and the company stressed that users of supported products that are up to date with patches should not be at risk. We're unsure why we (and plenty of others) were still able to exploit up-to-date versions of Windows 7 and Server 2012.

However, our advice still stands: Use the latest software, install updates when they become available, and be mindful of your internet activities and what software you install. The original text of our article follows.

A group calling itself "Shadow Brokers" has been leaking files it claims to have found when it hacked into NSA computers. Many of the leaks are concerning, but the latest exploits for Windows have many folks wondering how they and their computers are affected. We're not going to get too technical or dive into any details on how the hacks work, but we can help you understand what you need to know to protect yourself.

We tested the leaked files on virtual machines running Windows XP, Windows 7, Windows Server 2012 R2 and Windows 8 Pro to see if they're vulnerable. We also tested a local installation of Windows 10 Pro 64-bit. This is a quick list of what we found:

  • Windows 10 seems to be immune to the exploits leaked on April 14, 2017.
  • There are exploits that work 100 percent against Windows 7 with the April Service Pack.
  • There are exploits that work 100 percent against Windows Server 2012 R2 with the latest updates as of April 14, 2017.
  • There are exploits that work 100 percent against Windows XP with the latest updates.
  • Windows 8 Pro doesn't grant full remote access when using these tools, but it isn't immune and some slight variation of the code could make the OS vulnerable.

You'll see headlines all over the internet warning you to shut down your Windows PC or disconnect from the internet right now. But don't panic.

The sky isn't falling, but this is a serious situation.

Make no mistake, this is a really serious issue that Microsoft has to address. We don't want you to think you can just ignore it, because as you can see, a good many PCs are vulnerable. The biggest thing to know is that if you're using Windows 10 and have installed the latest updates as of Tuesday, April 11, you won't be affected by these specific hacks. Other exploits may exist that can do some nasty things, so you should use common sense when using the internet or installing software. But you know that, or should. That's something you should always do.

If you have a PC that is affected, we urge you to upgrade it to Windows 10. That means you, too, gamers. I was reluctant to move from Windows 7 to Windows 10 on my gaming PC, but I recently took the plunge and had no problems. If you have an older PC running an earlier version of Windows, you might still be able to upgrade. Windows 10 works better on older hardware than some of the previous versions did. And if you're unsure of which "flavor" of Windows 10 is right for you, hit this link:

How to tell if Windows 10 Home, Pro or Education is right for you

Microsoft hasn't released any public comment on this yet, but we're sure the company is evaluating the problem right now and exploring options to resolve it. In the meantime, just be careful — especially if you're still using Windows 7 or XP.

I'm an RHCE and Electrical Engineer who loves gadgets of all kinds. You'll find my writings across Mobile Nations and you can hit me on Twitter if you want to say hey.

56 Comments
  • When things like this happen the media always overreacts to it, which gets most people to think the world is coming to an end. Just be smart and you'll be alright. Microsoft will push security patches out for the affected OS's as they always have in the past.
  • Exploits have also evolved and also are now smarter as far as I'm concerned Microsoft still hasn't addressed the issue about the MS Word exploits
  • Wait a sec. So... somebody hacked the NSA?? Wait WHAT? NSA? And they found exploits for Windows OS and leaked it??? Why? All they found is this and nothing else? What kind of hack did they use to get to an NSA computer which stores sensitive files like this? It wasn't a random office PC (I guess). Or maybe nothing happened and Microsoft (and NSA) wants to force everybody to switch to spyware called W10??
  • I brought some cheese 🧀 for that wine🍷
  • What about some crackers?
  • Same as this misleading click bait Windows Central article that tells everyone the only solution is to upgrade to the stupid and unfinished Windows 10; that many people can't even do because Microsoft's stupid OEMs did not bother to release new drivers that would actually work on Windows 10, especially when it comes to laptops with switchable graphics; so go tell the ******** at HP to release Windows 10 drivers before you try to force people to upgrade to Win10 and break their whole system that is dependent on outdated switchable graphics drivers.
  • THANK YOU
    I was wondering if anyone ELSE figured out that this sounded a little too good to be true.
    SCARE TACTICS, pure and simple.
    Win 10 is by FAR the most spyware ridden INTRUSIVE version of windows to date, not to mention the latest "Creator's Update"
    They want everybody to be on the same level, make it MUCH easier for them to keep an eye on us..........
    There are no "Shadow Brokers"
    Just a concerted plan to get as many people as possible under surveillance ALL THE TIME.
     
  • You got that right Kyle. The media finds those easy to digest stories and each one becomes the next national nightmare. One year it was Bird flu was going to kill us all. Another year it was Acid Rain. Another it was Africanized Bees. Another year it was Creutzfeldt-Jakob, commonly known as Mad Cow, swine flu SARS, tomatoes, spinach, stuff sold at Whole Foods and on and on. The hysteria never stops.
  • Have they patched all back doors used in leaked hacking documents.. Nope
  • To the extent that these potential exploits are backdoors, mandated by the NSA, is Microsoft even allowed to fix them...?
  • Oh how well this addresses Win7 vs Win10.
  • I think sticking with Windows 7 (and thinking before you click) or moving to Linux (if you don't need more than merely a browser for the most part) is the best solution to any of these security concerns. Moving to Windows 10, you're immune to this 1 security problem, but remain vulnerable to loads of other spyware nodes in the creators update ( https://www.youtube.com/watch?v=wPFbAqICUJo )...
  • You're right... Let's believe everything someone with an apple on his shirt tells us about Windows
  • Lol, die-hard fanatics never cease to amaze with their ignorance...but alas, iGnorance is a bliss.
  • You must be very happy then.
  • Says the one turning a blind eye to evidence right in front of them...
  • "or moving to Linux" That's funny - the everyone can see the source so therefore it is more secure argument was proven to be a fallacy a few years ago when it was found that the CIA, NSA, and FBI were exploiting a flaw in OpenSSL for years. Having the code visible made no difference, they were still able to hack - and in fact, being able to hack encrypted data means a lot more than being able to hack general network traffic. And how many of these exploits are in other OSS code? As for Windows privacy, Microsoft has detailed what they get, how they use it, how long they store it. And on each of those points, they are better than Google is. And yet, people seem to have no problem handing over every detail of their lives to Google. But Microsoft knows what kind of graphics card you are using? OH NO! That is a violation of privacy that will not stand!
  • Funny seeing fanatics get all ignoramus and riled up when they read "move to Linux"...you clearly didn't see what's stated in parentheses. As for Windows privacy, well done on turning a blind eye to the loads of other data they're mining, and the fact that it's occurring on devices people use for their serious work, your mama must be proud of your ignorance...
  • So someone goes to a web site like this, starts making up stories, gets upset when their favorite is criticized, and you then have the nerve to say we are fanatic ignoramuses? Be gone with you worthless troll.
  • Lol @ "making up stories", the ignorance sure is strong with this one.
  • Yeah, that disgruntled ex-Microsoft employee sure is the best person to talk about shortcomings of an OS. Not to forget that just days ago he posted a rant about how the NYT was faking evidence about racist Youtube videos being monetized, defended his racist scumbag Youtube creator friends - and then quietly deleted said rant when it became obvious that the NYT was correct. Which is when I unfollowed him on Youtube.
  • Right, 'cause him being dead wrong about a separate topic means he's wrong about Windows in this case too...such retarded excuses kids come up with these days.
  • Who is responsible for the security in Linux? Who has the ultimate blame when it gets targeted and who is supposed to fix it?
  • Those magical Linux pixies
  • You blame yourself for not thinking before you click, same as on Windows when you stupidly ignore warnings from your browser and the OS, and the fix comes from the dev community.
  • No responsibilities is not a good business.
  • Businesses using Linux can buy support from Linux vendors.   
  • I'm looking forward to the conspiracy nuts who say that Microsoft planted this to get people to upgrade to Windows 10.
  • The Linux fanboys will most likely be running with this theory - I've already seen it mentioned on another forum.
  • Wow, I can't believe how ppl go so far in the name of conspiracy. Wouldn't they understand for a second if this is Msft's doing, it means they compromise a great loss knowingly whilst reaping a negative effect? I mean, don't they know what a damage control measure is (that Msft does right now)?
  • Lol true and it isn't like XP is even supported anymore anyways, and it isn't like Windows 7 (and 2012 R2 which is basically just modified Windows 7 code for enterprise servers) has had nearly 10 years of hackers learning it... Oh and it isn't like Apple purposefully stops supporting older model macs that are blatantly capable of running the next version of their OSX 10.X version because they want you to not just buy a newer OS for $100 or less, Apple wants you to buy another $1000-3000 computer. Whereas with my older XP machine and my Windows 7 laptop ran faster on Windows 8 with older hardware, and then my newer custom built Windows 8.1 pro machine runs even better on Windows 10, oh and so did my old windows 7 and Xp machines... So... Keep on complaining about nothing... Oh and did I mention that I got all of them On windows 10 Pro for free??? Yeah... I think everyone should switch to crApple and Linux where the average user will be lost and confused and give up...
  • Hehe, awesome.
  • Don't leave out the ones thinking WS is on the payroll. You should see Dan's private jets.
  • LOL and when iCloud was hacked during the celebrity nude selfie leak, did everyone stop using iPhones and iCloud? And with all of the terrible blatant spyware malware apps in the App Store and Google Play that are simple "games" that need access to every single feature of your phone. Do you see these people abandoning Android and iPhone.... Nope.... But Microsoft who actually wants to solve world problems versus Google who wants to own everything you store in Gmail and Google Docs and Apple, who has publicly said f-you to its developers and customers, you stupid idiots will keep throwing your money at us every time we spit out the exact same product but make it the tiniest better... But remember Microsoft is the terrible and evil one.... Not your infallible Google and Apple.... Really?!? (insert Amy Poehler and Seth Meyers meme)
  • Agreed
  • Well said.
  • Yeah people don't really give a **** about this stuff. Just hardcore security geeks. Ignorance is bliss.
  • What good is a 2015 article about the free upgrade to W10 if that free upgrade period has since expired?
  • You can still upgrade through this https://www.microsoft.com/en-us/accessibility/windows10upgrade. There's no check for whether you are using assistive technology. Don't know how long this will last though.
  • As of 15 April 2017, you can still install a clean copy of Windows 10 (Home/Pro) and activate it free of charge with an unused - meaning not previously used to activate Windows 10 - Windows 7 or 8 key.
  • I actually used my Windows 7 key to install Windows 10 and it activated, even though I'd previously upgraded from Windows 7 on a different pc. Both copies are fully activated
  • Yikes! Gotta stay safe!
  • I believe in f years we will be discussing the same "exploits" with different coding in Windows 10 as well. NSA will never leave you alone EVER ;)
  • Ms. T'Soni at it again eh.
  • We'll bang, ok?
  • Haha
  • Unplug your PC when you're not on it. That way you are safer. Simple eh
  • Advertising is getting smarter these days.
  • I can hardly call this **** Advertising. If this is meant for what you claim. Then buhu, nobody finds it funny. Nor do they find it a way to go Windows 10 ;)
  • Funny really. So those guys in hoods hacked NSA's machines and all they wanted to leak was a Windows' vulnerability? :))) I don't buy it. That's a hint from MS "upgrade your bloody XP, 7 and 8 already".
  • While Microsoft is fighting with Google and others to remain the main OS, just days after losing the most-used OS crown to Android, they're not going to go out of their way to put out a news story about a security problem that encourages people to leave Windows. I'm not saying they should keep security risks secret, but it's certainly not in their interest to do it to drive users to Windows 10.
  • Why is it not in their interest?  
  • Sorry for not being clearer on that. It's because Microsoft's main concern is to stop losing customers to Apple and Android, not moving existing Windows 7 and 8 users to 10. More specifically, Windows just lost the top spot as the main OS vendor to Google (with Android). MS's primary interest is stopping that shift and winning back customers. The shadow of security problems with Windows 7 and 8 may move some users to Windows 10 (which would be good for MS), but it also provides more ammo to its competitors and incents some to jump ship from Windows altogether. Losing a customer to a competing OS is a vastly greater negative to MS than the small positive of moving a user from 7 or 8 to 10. Therefore, it's not in Microsoft's interest to promote security problems with its older OS even if Windows 10 solves the problem -- the net result is a loss of customers.
  • What Windows users need to know is that Microsoft doesn't give a rat's patootie about their customers' privacy and should be considered complicit with the government when it comes to believing they deserve the details of every moment of our lives along with profits from all those lucrative contracts where our tax dollars line their pockets.
  • Lol. How much is Microsoft paying you to encourage Windows 10 upgrades?
    No one should be nudged to install software they don't want or doesn't meet their personal system requirements.
    Might as well change the site name to Windows 10 Central with Android
  • Funny. In trying to root, gain "Administrative Privileges" for my Samsung Android Smart Phone Device, J120A with SMS One click Root, don't even search for the latter, really bad doo doo, imo. I received a bad virus on my PC that disabled Windows 10 System Restore, and also disabled Windows 10 Refresh and Recovery options for Windows 10. I had to obtain new license file for my Office 2010 programs and even after doing a Clean-Install of Windows 10, I still get hacked and they are able to delete and change my files along with the file properties such as date created...date modified...blah blah....etc. Windows 10 defender, previous version without the "offline scan" option, did detect the malware ....but was unable to rid my computer of it nor able to restore the damage already done to system restoration and backup in Windows. By just upgrading Windows, my computer still could not do or read a System Restore Point. Refresh your PC option was also disabled and permanently crumpled. Since then after a new fresh install of Windows 10, I still was hacked with files changing directly off of my hard drive and the OneDrive cloud. Changes were innocent enough, but they messed with my backup and deleted my April 2017 work calendar, so if these symptoms I've just described are happening to you: You'll have to change your passwords, sorry to say....and sorry for me to do as I share my accounts with other users and it bothers me that I have to bother them. Sometimes they are easily confused and the software Xbox, does not always display a clear path of where to go to correct the issue. They are not computer literate, so much, either. Bye for now and call me crazy. Hopefully you can maintain your sanity and not ever have to go through anything like this. I'll keep wishing and praying for peaceful computer bliss to all. BillyColt My Resolve: I now use ZoneGuard Free Antivirus and Firewall as Windows Firewall and Windows Defender failed to protect my Windows 10 PC.
You can get just the free ZoneGuard Firewall, but I would install the file that offers free ZoneGuard Antivirus and Firewall. Otherwise, the Anti-Virus option will not enable without a paid upgrade. I think I obtained this on CNET downloads... or somewhere..and once downloaded, you can customize the "Search Default Change to Yahoo" by unchecking the box after pressing "Express upgrade." (There is no custom option until later in the first couple of Express Installation screens, "click the link that appears later to disable the search engine change".) Comodo Firewall I tried as well but I could not find an easy way to set it back to defaults, as sometimes I become lost in the settings I have changed, or I am unsure if I should have changed them... and need to perform a "do over" when lost in the forest of settings. ZoneAlarm will have to be uninstalled before you can do a System Restore, or the restore point will fail with "a possible AntiVirus is responsible for it not being able to access a file." After uninstallation of ZoneAlarm before the restore, the system restore dialog will report "a successful return to the Restore Point..." and bingo, done is done. My file manipulations by hackers are minimalized by ZoneAlarm...more than even Comodo Firewall could do. And Comodo Firewall, it is supposed to be the best. A Comodo rep will help you set it up for free however, if you want the best. Without a "restore default option", I am just too skittish to fool with it. So my point is, Yeah, Windows 10, for me, now.. has current virus issues that for me, are unrecoverable as is my lost April 2017 work file. My time in having to reinstall the OS 10...is a big waste of time. A recovery thumb drive eventually became my only option. I should be able to trust Windows 10...but cannot as before the Creator's Update anyway. And I do love the Creator's Update.
But Windows 10 apps are disappearing from Store, and I was forced not to trust Windows Defender and Firewall, both of which I loved because they were built-in.  The malware that disabled my backups has distanced me from loving Windows 10 ...which is just what the malware makers want to happen, isn't it? Virus bringing PC Down:1 Windows built-in protection: 0 My long way around it:0 or -1 BillyColt-I am saddened when forced to report bad news.  Concentrate on my measly coats being thrown over puddles for you to tread upon without getting dirty ...I don't want you saddened or put-out like me..