Microsoft reproducing the large-scale vulnerability of the global 750 million computers or hacking-vulnerability warning-the black bar safety net

2017-04-17T00:00:00
ID MYHACK58:62201785329
Type myhack58
Reporter 佚名
Modified 2017-04-17T00:00:00

Description

Due to the invasion by the United States NSA and blow the hacker group Shadow Brokers, at 4, on 14 January evening once again released a series of heavy files. Burst for Microsoft Windows System a large number of remote vulnerabilities using the tool, the impact of including Windows XP, Windows 7 as well as a large number of Windows Server systems, including the global about 70% of the machine, these tools to be criminals use, can be remotely operated victims computer to obtain all permissions.

Due to the burst of the vulnerability of many, the impact of the system range dramatically, while the tool has been disclosed a wide range of spread, a number of universities, government, banks and even individual users have brought a huge threat. Tencent computer housekeeper in the event after the outbreak, the first time for a warning, also given against this series of attacks of means of Defense, and to closely monitor and respond to the crisis. Currently Tencent computer Butler has been available to fix the vulnerability, please the majority of users promptly to update fix!

!

According to the FOFA system statistics show that the global range, may be affected by this attack affects the machine more than 750 million units,China may have more than 133 million units affected. At the same time, due to the leaked documents most of the is the exploit program, the attacker get into the program, even if unaware of the attack the principle, also can break through the system's defenses, resulting in remote code execution and other high-risk impact. The computer Butler in a short period of time, dig out a batch of the most important documents for an in-depth analysis. Many of them with our lives of safety information.

In addition, the computer Butler security researchers also verified the leaked invasion tool Eternal Blue, can be successfully exploited on Windows SMB service(445 port)vulnerabilities, resulting in remote code execution(RCE) on. This vulnerability may allow an attacker to remotely control the victim's Windows System, to cause extremely serious harm. The following figure is a successful attack screenshots.

!

From these events, as can be seen, the Internet security situation is still grim, the need for attention to the protection of computers, mobile phones, IOT, device security, and turn on the antivirus protection Internet Security.