APT31 Stole and Used an Unknown Equation Group 0-Day
released on 2021-02-22 @ 04:49:18 PM
"The caught-in-the-wild exploit of CVE-2017-0005, a 0-Day attributed by Microsoft to the Chinese APT31 (Zirconium), is in fact a replica of an Equation Group exploit code-named “EpMe.” APT31 had access to EpMe’s files, both their 32-bit and 64-bit versions, more than 2 years before the Shadow Brokers leak. The exploit was replicated by the APT during 2014 to form “Jian”, and used since at least 2015, until finally caught and patched in March 2017."