Following the release, hackers from around the world have been looking to exploit the vulnerabilities, and they’ve been pretty successful. Phobos Group founder Dan Tentler told the Register today that a growing amount of boxes on the public internet have the NSA’s DOUBLEPULSAR installed.
Over 15,000 Infected Devices
Despite Microsoft’s efforts, many users still haven’t updated their machines. While the latest Windows 10 is safe, Windows 7, 8.1 and Vista require intervention. XP and Server 2003 users won’t find a fix at all. A preliminary scan reveals over 15,000 infections and growing. “The polite term for what’s happening is a bloodbath,” said Tentler. “The impolite version is dumpster fire clown shoes shit show. I’m hopeful this is the wakeup moment for people over patching Windows machines.” Naturally, the NSA’s priority is stealth, so naturally, DOUBLEPULSAR is difficult to detect. However, infections can be confirmed via the response to a special ping to port 445. Statistics from other researchers show an even worse picture. Thankfully, many businesses are untouched due to strict update policies. However, it only takes one weak link to cause mayhem, so you should really think about applying MS17-010 if you haven’t already.