<div>
The link quoted WIn 2008 R2 could be exploited; &nbsp;so starting from which version of Windows this<br />
is non-exploitable? &nbsp;Besides firewalls, what other mitigations can we deploy? &nbsp; Does McAfee NIDS provide<br />
any mitigation &amp;&nbsp;which signature?<br />
<br />
Can we stop creation of certain IOC files/extensions (eg: block known ransomwares extensions) &amp;<br />
what's the extensions or IOCs?
</div>


The link quoted WIn 2008 R2 could be exploited;  so starting from which version of Windows this
is non-exploitable?  Besides firewalls, what other mitigations can we deploy?   Does McAfee NIDS provide
any mitigation & which signature?

Can we stop creation of certain IOC files/extensions (eg: block known ransomwares extensions) &
what's the extensions or IOCs?

<div>
<div class="content wysiwyg-content">
<a href="http://www.pcworld.com/article/3190204/security/leaked-nsa-exploits-plant-a-bulls-eye-on-windows-server.html" rel="ugc">http://www.pcworld.com/article/3190204/security/leaked-nsa-exploits-plant-a-bulls-eye-on-windows-server.html</a><br />
<br />
Refer to above link.<br />
Is this a legit vulnerability &amp;&nbsp;which versions of Windows are affected (as the link did not say) <br />
&amp;&nbsp;that &quot;Microsoft has yet to release a patch for it&quot; ie MS ack it's a vulnerability ?<br />
<br />
Can cite any authoritative &amp;&nbsp;MS links that support the legitimacy of the above claims of vulnerability<br />
&amp;&nbsp;specifically NetBT protocol could be exploited by the above NSA exploit ?
</div>
</div>


http://www.pcworld.com/article/3190204/security/leaked-nsa-exploits-plant-a-bulls-eye-on-windows-server.html

Refer to above link.
Is this a legit vulnerability & which versions of Windows are affected (as the link did not say) 
& that "Microsoft has yet to release a patch for it" ie MS ack it's a vulnerability ?

Can cite any authoritative & MS links that support the legitimacy of the above claims of vulnerability
& specifically NetBT protocol could be exploited by the above NSA exploit ?

NSA exploit leveraging on NetBT (&amp; SMB)

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Windows OS

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

NSA exploit leveraging on NetBT (&amp; SMB)

NSA exploit leveraging on NetBT (& SMB)