Pwnie Awards 2017

The 2017 Pwnie Award For Best Server-Side Bug

CVE-2017-0143, 0144, 0145

NSA's Equation Group

These vulnerabilities allow arbitrary remote command execution on Microsoft Operating Systems running the SMB file sharing protocol, which is pretty much all MSFT systems. The vulnerabilities became known as a result of the Shadow Brokers release of (allegedly) the NSA’s ETERNAL* exploits, which include variations for different OS versions and functions. Multiple ransomware platforms have taken advantage of these vulnerabilities, causing Microsoft to release patched for unsupported systems such as Windows XP.