How to Discover Computers Vulnerable to EternalBlue & EternalRomance Zero-Days

The public leaks of NSA tools and information have led to the release of previously secret zero-day exploits such as EternalBlue, which was used in the notorious WannaCry ransomware attack. Despite multiple patches being released, many users have failed to update their systems, so many devices are still vulnerable to these now-public attacks. EternalBlue (CVE-2017-0144) and EternalRomance (CVE-2017-0145) originally came to light following the Shadow Brokers' leaks of NSA compromised tools. These exploits targeted errors in Microsoft's Server Message Block (SMB) protocol implementation. These... more



from WonderHowTo http://ift.tt/2jHlvFQ
via IFTTT