Washington - Microsoft had already fixed a number of Windows security
vulnerabilities before they were revealed last week by the Shadow Brokers, a
group that has released several leaks about the inner workings of the National
Security Agency.
For consumers, that means you should not be at risk as long
as you've downloaded the latest security updates. In a company blog post,
Microsoft said that it had addressed all of the vulnerary latest bug’s
abilities either on or before March 14. Desktop users who allow auto-updates or
who regularly check for updates on their computers should be covered.
If you're still sticking to older versions of Windows,
however, you could run into a problem. Microsoft said that the patches have
been fixed for anyone running Windows 7 and beyond, meaning that if you're a
Windows XP holdout, you are still vulnerable.
That's still about 7.4 percent of the world, according to
analytics firm NetMarketShare. Those running versions of Exchange older than
Exchange 2010 are also not protected. "Customers still running prior
versions of these products are encouraged to upgrade to a supported
offering," Microsoft said in its post.
Read also: Microsoft's strong-arm tactics not good
The leaks from last week shared information about
"zero-day exploits," or vulnerabilities that are exploited on the
same day they are discovered. Security researchers initially feared that the
release of information about these insecurities would lead to a spike in hacks
while Microsoft scrambled to patch the problems after the disclosure.
But those worries were unfounded. Microsoft appears to have
been notified about the problems ahead of the release, security experts suspect
the company could have been informed by the Shadow Brokers or by the NSA
itself, Ars Technica reported.
Microsoft did not immediately respond to a request for
comment.
WASHINGTON
POST