If this stuff wasn't developed in partnership with the target OS manufacturer I would eat my hat. AND my boots. AND all of your hats, with a few glasses of my favorite merlot.
I don't have a hat. Can I offer you something else? I wouldn't be surprised if they somehow got their hands on OS source code and could develop it on their own.
So the NSA knew that millions of American citizens and businesses were using an OS that laid them all wide open to hackers and criminals, and their response was to develop themselves a hacking platform so they could exploit it all too!! You know, I think I get it now: we all have their name wrong. NSA doesn't mean the National Security Agency. It means NO Security Agency!!
They used the NOBUS (nobody but us) approach - they exploit vulnerabilities that they thought would not be found by someone else and report those that were too easy to find. Of course that backfired when those tools got stolen and released.
The NSA UNITEDRAKE exploit appears to be a MITM SSL/TLS encryption attack. All the NSA would need to do is insert their own cert. in the Windows root CA cert. store to pull it off. Also, it will currently only work on IE, Edge, and Outlook, since they use the Windows root CA cert. store. Chrome and, I now believe, Firefox? use their own CA cert. stores. Also, Thunderbird has its own CA cert. store. I also believe any security product that performs SSL/TLS protocol scanning would defeat this exploit, since they also use their own cert. for the scanning.
I still think it was in partnership with the OS manufacturer. I have studied some of these "vulnerabilities" in the past very closely and could find no logical reason why they were coded that way except to provide an intruder with a way in, and not only that, also built-in tools that might have been used to detect that type of thing, such as security audit tools, firewall notifications etc., disabled or broken. The problem here is most people do not have the analytical way of thinking that allows them to see all the circumstantial evidence as a big picture. They isolate each incident as if it is unconnected. In the same way, the NSA had their surveillance infrastructure in place and no one wanted to listen to those who had evidence of that until they had it spoon-fed to them by Snowden.
Here's a link to where you can find more info on UNITEDRAKE and the rest of the recent NSA exploits: https://www.peerlyst.com/posts/the-...ys-exploits-being-sold-this-month-newswatcher. Excerpt from it below:
Let's not forget about the documents released by Snowden, which 4 years ago revealed how closely Microsoft were working with the NSA. https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data http://techrights.org/wiki/index.php/Microsoft_and_the_NSA
"Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core A serial leak of the agency’s cyberweapons has damaged morale, slowed intelligence operations and resulted in hacking attacks on businesses and civilians worldwide..." https://www.nytimes.com/2017/11/12/us/nsa-shadow-brokers.html Extensive read.