Windows users are being told to update their computers after a hacking group released a collection of exploits designed to help cybercriminals break into Microsoft’s software.
The tools, which were , had allegedly been stolen from the US’ National Security Agency (NSA) .
It is believed that NSA spies had been using the exploits to secretly break into computers running older versions of Windows, including XP and Vista.
Microsoft says “most of the exploits” have already been addressed with a series of patches – one of which was issued as recently as last month – but warned Windows users to make sure their devices are up to date.
Gadgets and tech news in pictures Gadgets and tech news in pictures
“Most of the exploits that were disclosed fall into vulnerabilities that are already patched in our supported products,” the company wrote in a . “We encourage customers to ensure their computers are up-to-date.”
Users running the latest versions of the Windows operating systems still supported by Microsoft will be safe from the EternalBlue, EmeraldThread, EternalChampion, ErraticGopher, EsikmoRoll, EternalRomance, EducatedScholar, EternalSynergy and EclipsedWing exploits.
“Of the three remaining exploits, ‘EnglishmanDentist’, ‘EsteemAudit’, and ‘ExplodingCan’, none reproduces on supported platforms, which means that customers running Windows 7 and more recent versions of Windows or Exchange 2010 and newer versions of Exchange are not at risk,” added Microsoft.
“Customers still running prior versions of these products are encouraged to upgrade to a supported offering.”
Microsoft has hinted that the NSA didn’t warn it about the release, with a spokesperson telling , “Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers.”
However, Edward Snowden, who previously claimed that the NSA “did not warn Microsoft” about the Shadow Brokers release, has suggested that the organisation may have tipped off the tech firm ahead of its March patch, , “Microsoft doesn’t credit anyone for the report behind the March patch. Was it @NSAGov? If so, it was the right call. Better late than never.”