July 18, 2017

"Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system."

bleeping computer: ETERNALSYNERGY is one of the NSA exploits leaked by the Shadow Brokers hacking group in April this year. By Catalin Cimpanu

'According to a Microsoft technical analysis, the exploit can allow an attacker to execute code on Windows machines with SMB services exposed to external connections.

'The exploit works up to Windows 8. According to Microsoft, the techniques used in the original ETERNALSYNERGY exploit do not work on newer platforms due to several kernel security improvements.

'Under the hood, ETERNALSYNERGY leverages a vulnerability in version 1 of the SMB file sharing protocol. The vulnerability is tracked as CVE-2017-0143.

'Wang says his exploit targets the same vulnerability but uses a different exploitation technique. His method "should never crash a target," the expert says. "Chance should be nearly 0%," Wang adds.'

No comments: