EternalBlue (CVE-2017-0144)
EternalBlue is the SMBv1 exploit leaked from the NSA's Equation Group that became the worm engine for WannaCry and NotPetya.
Definition
EternalBlue is the NSA exploit (CVE-2017-0144) targeting Microsoft Server Message Block version 1 (SMBv1). The exploit chain uses a sequence of SMBv1 transaction-handling bugs to achieve unauthenticated remote code execution on any Windows system with SMBv1 enabled. The Shadow Brokers leaked the exploit in April 2017; within a month, WannaCry weaponised it into a ransomware worm that infected hundreds of thousands of systems globally. NotPetya followed weeks later.
Impact
Worm-class RCE against unpatched Windows installations.
Mitigation
Apply MS17-010 (March 2017 patch). Disable SMBv1 entirely.