The National Security Agency in the US is well known for its use of exploits to spy on folks but the agency appears to have turned over a new leaf.
We say this because an alarmingly severe Windows 10 vulnerability was recently discovered, and the discovery was made by the NSA. Even more bizarre, the NSA reported the vulnerability to Microsoft.
The vulnerability affects crypt32.dll within Windows. This little module implements the certificate and cryptographic messaging functions that Windows uses to validate signatures. If exploited, an attacker could spoof digital signatures and certificates and slip malware onto a PC by making it look legit.
“A critical vulnerability in this Windows component could have wide-ranging security implications for a number of important Windows functions, including authentication on Windows desktops and servers, the protection of sensitive data handled by Microsoft’s Internet Explorer/Edge browsers, as well as a number of third-party applications and tools,” explained security researcher Brian Krebs on his blog.
The vulnerability affects Windows 10, Windows Server 2016 and Windows Server 2019.
Thankfully, Microsoft has already issued a patch that fixes this vulnerability. The patch is available right now.
“This vulnerability is classed Important and we have not seen it used in active attacks,” principal security program manager for the Microsoft Security Response Center, Mechele Gruhn, said in a statement.
“This vulnerability is one example of our partnership with the security research community where a vulnerability was privately disclosed and an update released to ensure customers were not put at risk,” Gruhn added.
We’re still reeling from the fact that the NSA brought this vulnerability to Microsoft’s attention. The agency is not known for disclosing vulnerabilities it could very well make use of.
EternalBlue springs to mind. This exploit was used for five years by the NSA before it alerted Microsoft to its existence. We’ll remind you that the only reason that alert happened is because the NSA’s hacking tools were stolen and then released by the Shadow Brokers.
EternalBlue would go on to help WannaCry ransomware sow havoc on PCs around the world.
We recommend our readers update Windows as soon as possible by heading to Settings, selecting Update & Security and downloading the latest update.

[Via – Engadget]
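For readers who manage more than one machine, the following PowerShell check (an added example, not from the article or from Microsoft) confirms on a Windows 10 / Server 2016 / Server 2019 host that the patched crypt32.dll is actually in place. The article does not give the KB number or the fixed file version, so both are placeholders to be filled in from Microsoft's advisory.

```powershell
# Added example: verify the crypt32.dll fix is present on this host.
# Both values below are PLACEHOLDERS (not stated in the article); take them
# from Microsoft's advisory for the update that fixes this vulnerability.
$ExpectedKb      = 'KB<FILL-IN-FROM-ADVISORY>'   # placeholder KB id
$MinFixedVersion = [version]'0.0.0.0'            # placeholder: first fixed crypt32.dll version

function Test-Crypt32Patched {
    param(
        [string]  $Kb         = $ExpectedKb,
        [version] $MinVersion = $MinFixedVersion
    )

    # Read the file version of the module the article describes.
    # Build a [version] from the numeric parts rather than parsing the
    # FileVersion string, which can carry a trailing build tag.
    $dll = Join-Path $env:SystemRoot 'System32\crypt32.dll'
    $vi  = (Get-Item -LiteralPath $dll).VersionInfo
    $fileVersion = [version]::new($vi.FileMajorPart, $vi.FileMinorPart,
                                  $vi.FileBuildPart, $vi.FilePrivatePart)

    # Corroborating evidence: is the cumulative update listed as installed?
    # Get-HotFix relies on Win32_QuickFixEngineering and can miss some
    # updates, so the file version is the authoritative check.
    $hotfix = Get-HotFix -Id $Kb -ErrorAction SilentlyContinue

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        Crypt32Version = $fileVersion.ToString()
        MinFixed       = $MinVersion.ToString()
        HotFixListed   = [bool]$hotfix
        Patched        = ($fileVersion -ge $MinVersion)
    }
}

# Run locally; pipe to Export-Csv or wrap in Invoke-Command for a fleet.
Test-Crypt32Patched | Format-List
```

If `Patched` is `$false`, apply the update through Settings > Update & Security as the article recommends and re-run the check.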