Microsoft received a warning about a flaw in Windows from the National Security Agency before hackers launched a massive global ransomware attack last weekend using a hacking tool the NSA allegedly developed which targets some versions of Microsoft Windows, the Washington Post reports.
EternalBlue has been used by the NSA for more than five years. It was also developed by the agency, reports the Telegraph, and stolen by hackers in March. That's when the NSA told Microsoft about the vulnerability, and the company issued a security update to fix the flaw.
But many users had not installed the patch by the time EternalBlue was dumped on the Internet in April.
"The governments of the world should treat this attack as a wake up call," Microsoft's president and chief legal officer, Brad Smith, wrote in a blog post. "This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem."
"Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage," he added. "An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen."