Hacker News new | past | comments | ask | show | jobs | submit login

How long has this vulnerability been known but kept quiet for use in the NSA's library of exploits? EternalBlue was based on a Windows exploit they knew about but withheld from Microsoft so they could continue to exploit it. That deliberate withholding of information has cost many organizations a lot of money:

https://www.forbes.com/sites/kalevleetaru/2019/05/25/as-eter...

https://www.nytimes.com/2019/05/25/us/nsa-hacking-tool-balti...

Is this another problem that could have been fixed a long time ago?




> Is this another problem that could have been fixed a long time ago?

Yes. The bug was documented in the public documentation, not even hidden in the closed source code.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: