NSA Announces Vulnerability In Microsoft Operating System
The National Security Agency (NSA) announced that it found a “critical vulnerability” in Microsoft’s operating systems. This flaw could allow cyber intrusions, according to the report.
The NSA discovered “the severity of the vulnerability” and immediately informed Microsoft, according to Anne Neuberger, director of cybersecurity at NSA. Microsoft released a patch to solve the problem the same day.
The Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security, in an emergency directive said that it “strongly recommends organizations install these critical patches as soon as possible.”
Bryan Ware, an assistant secretary in the DHS said that it is asking federal civilian agencies to also:
“[take] a series of immediate actions to mitigate this risk and to minimize the exposure to associated threats to our federal information systems.”
The NSA broke from its past protocol on the dissemination of information about vulnerabilities. It chose to make the information public. This break from its past is aimed at building trust and encourage quick patching, Neuberger explained.
“We wanted to take a new approach to sharing and also really work to build trust with the cybersecurity community,” she had said.
PC Market Experiences Growth For The First Time Since 2011
YouTube Signs Three Of The Biggest Gaming Stars From Twitch
Two YouTubers Risk Channel Termination Over Memes
While announcing the patch, Microsoft said it hasn’t seen the vulnerability in its operating system used in active attacks.
The flaw is a part of the Windows operating system known as Crypt32.dll. Windows 10 and the last two versions of the Windows Server operating systems use it to implement:
“many of the Certificate and Cryptographic Messaging functions in the CryptoAPI, such as CryptSignMessage” according to Microsoft.
This means that the flaw could affect a broad range of users.
The disclosure also represents an improvement in relations between Microsoft and the NSA. NSA had allegedly secretly collected security vulnerabilities in Microsoft’s Windows in the past to use the tools for its own hacks.
Microsoft has a policy of regularly releasing security updates on the second Tuesday of each month, according to Jeff Jones, a senior director at Microsoft.
Make sure to follow Plat4om on Twitter @Plat4omLive, on Instagram @Plat4om, on LinkedIn at Plat4om, and on Facebook at Plat4om. You can email us at firstname.lastname@example.org. Also, don’t forget to subscribe to our YouTube channel HERE.