Microsoft issues critical Windows security fix found by the NSA

Microsoft issues critical Windows security fix found by the NSA

Microsoft Corp on Tuesday rolled out an important security fix after the U.S. National Security Agency tipped off the company to a serious flaw in its widely used Windows operating system, officials said.

Microsoft said the flaw could allow a hacker to forge digital certificates used by some versions of Windows to authenticate and secure data. Exploiting the flaw could have potentially serious consequences for Windows systems and users.

The NSA and Microsoft said they had not seen any evidence that the flaw had previously been abused but both urged Windows users to deploy the update as soon as possible. NSA official Anne Neuberger noted that operators of classified networks had already been prodded to install the update and everyone else should now “expedite the implementation of the patch.”

The Microsoft patch marks the first time the NSA has publicly claimed credit for prompting a software security update, although the agency said it has alerted companies in the past to flaws in their products. Neuberger said the agency was striving for more transparency with the information security research community.

Advertisement

“Part of building trust is showing the data,” she told reporters in a call just minutes before the patch went live.

The NSA faces a tricky balancing act when it comes across such vulnerabilities. The agency had been criticized after its own cyberspies took advantage of vulnerabilities in Microsoft products to deploy hacking tools against adversaries and kept the Redmond, Washington-based company in the dark about it for years.

When one such tool was dramatically leaked to the internet by a group calling itself ShadowBrokers, it was deployed against targets around the globe by hackers of all stripes.

In the most dramatic case, a group used the tool to unleash a massive malware outbreak dubbed WannaCry in 2017. The data-wiping worm wrought global havoc, affecting what Europol estimated there was some 200,000 computers in more than 150 countries.

Advertisement

Neuberger did not directly address that controversy in her call but said that the NSA hoped to be “a good cybersecurity partner.”

“We’re working to evolve our mission,” she said.

See Microsoft blog post for more information

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or LinkedIn.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

back to top

Popular Tech News

Exciting Microsoft Windows 10 X Features

Exciting Microsoft Windows 10 X Features

01 February, 2020

Windows 10 X is a new edition of Windows 10 designed for dual-screen devices.

We Demand That Microsoft Release a Free Windows 7

We Demand That Microsoft Release a Free Windows 7

01 February, 2020

The Free Software Foundation wants Microsoft to keep Windows 7 alive as a free operating system. Microsoft stopped provi...

What is shadow IT?

What is shadow IT?

09 February, 2020

Many of us will seek out the WiFi password when going into a building, and the reality for many businesses is that the m...

Windows 10 version 1809 will reach end of support in May

Windows 10 version 1809 will reach end of support in May

17 February, 2020

Microsoft dropped support for the popular Windows 7 operating system as well as Windows Server 2008 R2 in January 2020 e...

Apple releases watchOS 6.1.3 including bug fixes

Apple releases watchOS 6.1.3 including bug fixes

18 February, 2020

Apple is currently beta testing watchOS 6.2, but before the company gets around to launching that version to the public...

Latest Apple Arcade games for iPhone, iPad, Mac, and Apple TV

Latest Apple Arcade games for iPhone, iPad, Mac, and Apple TV

02 February, 2020

Apple Arcade launched with close to 100 titles and the service is seeing new games added regularly. Follow along with ou...

×

Sign up to keep in touch!

Be the first to hear the latest Cyber and Tech News straight to your mailbox.

Check out our Privacy Policy & Terms of use
You can unsubscribe from email list at any time