By now, many of you have heard about the Shadow Broker hacker group and their leak of enormous amounts of NSA hacking tools, exploits and previously undisclosed vulnerabilities. One such SMBv1 vulnerability is now reported and fixed under MS17-010. In addition to checking for the existence of this vulnerability, SAINT researchers have now developed a new remote exploit capable of gaining a fully privileged command connection to unpatched targets running Windows 7 and Windows Server 2008 R2, using an SMBv1 vulnerability. This exploit will be deployed in tomorrow’s (4/27/17) content update. The exploit is based on EternalBlue, one of the modules in the framework leaked by the Shadow Brokers hacker group earlier this month. To ensure your systems are not at risk, be sure to run the Full Penetration policy against your network, or run the exploit against individual Windows systems.


By continuing to use the site, you agree to cookie usage. More Information

The cookie settings on this website are set to allow cookies to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings, or if you click "Accept" below then you are consenting to allow cookies to be used.