Budapest Post

Cum Deo pro Patria et Libertate
Budapest, Europe and world news

Microsoft rolls out Windows 10 security fix after NSA warning

Microsoft rolls out Windows 10 security fix after NSA warning

The NSA claim that they revealed flaw that could be exploited by hackers to create malicious software, so if you believe them (as you absolutely should) you better update your Windows now, so only the good guys can have a back door to your computer.
Microsoft is rolling out a security fix to Windows 10 after the US National Security Agency (NSA) warned the popular operating system contained a highly dangerous flaw that could be used by hackers. Reporting the vulnerability represents a departure for the NSA from its past strategy of keeping security flaws under wraps to exploit for its own intelligence needs.

The NSA revealed during a press conference on Tuesday that the “serious vulnerability” could be used to create malicious software that appeared to be legitimate. The flaw “makes trust vulnerable”, the NSA director of cybersecurity, Anne Neuberger, said in a briefing call to media on Tuesday.

If the vulnerability had been successfully exploited, an attacker would have been able to conduct “man-in-the-middle attacks” and decrypt confidential information on user connections to the affected software, Microsoft said.

Microsoft said it had not seen any evidence that hackers had used the technique discovered by the NSA.

“Customers who have already applied the update, or have automatic updates enabled, are already protected,” said Jeff Jones, a senior director at Microsoft, in a statement.

The vulnerability has a broad reach: as of 2017, Windows 10 was used on 400m computers.

The Washington Post reported on Tuesday that the NSA had discovered the flaw in recent weeks and alerted Microsoft to the problem. The issue was announced on Microsoft’s January “Patch Tuesday”, the second Tuesday of each month, when the company typically releases security improvements for operating systems and other software.

Priscilla Moriuchi, who retired from the NSA in 2017 after running its east Asia and Pacific operations, said this was a good example of the “constructive role” that the NSA could play in improving global information security.

Moriuchi, now an analyst at the US cybersecurity firm Recorded Future, said it was probably a reflection of changes made in 2017 to how the US determines whether to disclose a major vulnerability or exploit it for intelligence purposes.

The revamping of what’s known as the “vulnerability equities process” put more emphasis on disclosing unpatched vulnerabilities whenever possible to protect core internet systems and the US economy and general public.

The NSA has previously been criticized after it took advantage of vulnerabilities in Microsoft products to deploy hacking tools against adversaries and kept the technology multinational in the dark about it for years.

When one of those tools was dramatically leaked to the internet by a group calling itself ShadowBrokers, it was deployed against targets around the globe by hackers of all stripes.

In the most dramatic case, a group used the tool to unleash a huge malware outbreak dubbed WannaCry in 2017. The data-wiping worm wrought global havoc, affecting what Europol estimated was 200,000 computers in more than 150 countries.

Disclosing the vulnerability to Microsoft was “a significant step for the National Security Agency”, said Rick Holland, chief information security officer at Digital Shadows, a San Francisco-based provider of digital risk protection solutions.

“Make no mistake, though; the NSA will continue to hoard zero-days and leverage them as required to accomplish their objectives,” he said, referencing the agency’s previous policy of not alerting the public to potential vulnerabilities.
AI Disclaimer: An advanced artificial intelligence (AI) system generated the content of this page on its own. This innovative technology conducts extensive research from a variety of reliable sources, performs rigorous fact-checking and verification, cleans up and balances biased or manipulated content, and presents a minimal factual summary that is just enough yet essential for you to function as an informed and educated citizen. Please keep in mind, however, that this system is an evolving technology, and as a result, the article may contain accidental inaccuracies or errors. We urge you to help us improve our site by reporting any inaccuracies you find using the "Contact Us" link at the bottom of this page. Your helpful feedback helps us improve our system and deliver more precise content. When you find an article of interest here, please look for the full and extensive coverage of this topic in traditional news sources, as they are written by professional journalists that we try to support, not replace. We appreciate your understanding and assistance.
Newsletter

Related Articles

0:00
0:00
Close
Severe Heatwave Claims 2,300 Lives Across Europe
Declining Beer Consumption Signals Cultural Shift in Germany
Emails Leaked: How Passenger Luggage Became a Side Income for Airport Workers
Polish MEP: “Dear Leftists - China is laughing at you, Russia is laughing, India is laughing”
Western Europe Records Hottest June on Record
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
China’s Central Bank Consults European Peers on Low-Rate Strategies
France Requests Airlines to Cut Flights at Paris Airports Amid Planned Air Traffic Controller Strike
Poland Implements Border Checks Amid Growing Migration Tensions
Emirates Airline Expands Market Share with New $20 Million Campaign
Amazon Reaches Milestone with Deployment of One Millionth Robot
Yulia Putintseva Calls for Spectator Ejection at Wimbledon Over Safety Concerns
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
Amazon Reaches Major Automation Milestone with Over One Million Robots
Extreme Heat Wave Sweeps Across Europe, Hitting Record Temperatures
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
Robots Compete in Football Tournament in China Amid Injuries
China Unveils Miniature Insect-Like Surveillance Drone
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Germany Votes to Suspend Family Reunification for Asylum Seekers
Budapest Pride Parade Draws 200,000 Participants Amid Government Ban
Southern Europe Experiences Extreme Heat
Xiaomi's YU7 SUV Launch Garners Record Pre-Orders Amid Market Challenges
Jeff Bezos and Lauren Sanchez's Lavish Wedding in Venice
Russia Launches Largest Air Assault on Ukraine Since Invasion
Massive Anti-Government Protests Erupt in Belgrade
Iran Executes Alleged Israeli Spies and Arrests Hundreds Amid Post-War Crackdown
Hungary's Prime Minister Criticizes NATO's Role in Ukraine
EU TO HUNGARY: LET THEM PRIDE OR PREP FOR SHADE. ORBÁN TO EU: STAY IN YOUR LANE AND FIX YOUR OWN MESS.
Hungarian Scientist to Conduct 30 Research Experiments on the International Space Station
NATO Members Agree to 5% Defense Spending Target by 2035
NATO Leaders Endorse Plan for Increased Defence Spending
U.S. Crude Oil Prices Drop Below $65 Amid Market Volatility
International Astronaut Team Launched to Space Station
Macron and Merz: Europe must arm itself in an unstable world
Germany and Italy Under Pressure to Repatriate $245bn of Gold from US Vaults
Iran Intensifies Crackdown on Alleged Mossad Operatives After Sabotage Claims
Trump Praises Iran’s ‘Very Weak’ Response After U.S. Strikes and Presses Israel to Pursue Peace
Oil Prices Set to Surge After US Strikes Iran
BA and Singapore Airlines Cancel Dubai Flights Amid Middle East Tensions
Trump Faces Backlash from MAGA Base Over Iran Strikes
Meta Bets $14 B on Alexandr Wang to Drive AI Ambitions
FedEx Founder Fred Smith, ‘Heart and Soul’ of the Company, Dies at 80
Chinese Factories Shift Away from U.S. Amid Trump‑Era Tariffs
Pimco Seizes Opportunity in Japan’s Dislocated Bond Market
Labubu Doll Drives Pop Mart to Status as China’s Most Valuable Toy Maker
Global Coal Demand Defies Paris Accord Goals
United States Conducts Precision Strikes on Iran’s Nuclear Sites
US strikes Iran nuclear sites, Trump says
×