By now, many of you have heard about the Shadow Broker hacker group and their leak of enormous amounts of NSA hacking tools, exploits and previously undisclosed vulnerabilities. One such SMBv1 vulnerability is now reported and fixed under MS17-010. In addition to checking for the existence of this vulnerability, SAINT researchers have now developed a new remote exploit capable of gaining a fully privileged command connection to unpatched targets running Windows 7 and Windows Server 2008 R2, using an SMBv1 vulnerability. This exploit will be deployed in tomorrow’s (4/27/17) content update. The exploit is based on EternalBlue, one of the modules in the framework leaked by the Shadow Brokers hacker group earlier this month. To ensure your systems are not at risk, be sure to run the Full Penetration policy against your network, or run the exploit against individual Windows systems.