In response to the news that a security researcher has discovered that exploits stolen from the NSA last year have been tweaked to potentially impact all versions of Microsoft’s operating system back to Windows 2000, IT security experts commented below.
Mark James, Security Specialist at ESET:
“One of the problems with digital exploits is the ability to change or adapt them for current or future use. Although the original attack method may not work currently it may only take a small tweak in the code to turn it back into a formidable weapon for reuse.
When it comes to protecting your environment, one of the standard pieces of advice is keeping your operating system and applications patched and up-to-date. The worry is that you wave this advice away because it constantly pops up, however the reality is, in some cases it really could mean the difference between getting compromised or not.
Most exploits rely on an unpatched system and once it is patched that entry is gone. Keeping your system up-to-date these days is not that difficult, programs both free and paid for will help you make it easier and, in most cases, will remind or inform you about updates and when is best to apply them.”
Lee Munson, Security Researcher at Comparitech.com:
“NSA exploits in the while are a big problem for businesses and, perhaps more so, for home users.
“The fact that three new exploits are in the wild could be a massive problem to users of all versions of Windows it seems, though only if patch management is lacking.
“The obvious answer, therefore, is for everyone to keep their operating systems fully up to date, either by allowing automatic updates or by manually installing patches on a regular basis.
“Users of older, unsupported versions of the Windows operating system should of course, wherever possible, upgrade to a more modern version which will offer a huge range of security enhancements to their devices.”