The National Security Agency (NSA) of the United States warned all Windows 10 users to update their operating system, after a critical vulnerability was discovered.
A mere day after Windows 7 was discontinued, the NSA issued a statement warning the 900 million users to update their copy of Windows 10 due to a “Critical vulnerability.”
The official statement reads as follows:
NSA has discovered a critical vulnerability (CVE-2020-0601) that affects the cryptographic functionality of Microsoft Windows. The certificate validation vulnerability allows an attacker to weaken the way Windows verifies cryptographic trust and can allow remote code execution. The vulnerability affects Windows 10 and Windows Server 2016/2019, as well as applications that rely on Windows for trusted functionality. Exploiting the vulnerability allows attackers to defeat reliable network connections and deliver executable code while appearing as legitimately reliable entities. Examples in which trust validation may be affected include:
- HTTPS connections
- Signed files and emails
- Signed executable code launched as processes in user mode
The vulnerability puts Windows endpoints at risk for a wide range of exploitation vectors. The NSA assesses that the vulnerability is severe and that sophisticated cyber actors will understand the underlying flaw very quickly and, if exploited, would make the platforms mentioned above fundamentally vulnerable. The consequences of not repairing vulnerability are serious and widespread. Remote exploitation tools will probably be available quickly and widely. Rapid adoption of the patch is the only known mitigation at this time and should be the main focus for all network owners.
In simple terms, hackers have discovered a vulnerability in Windows 10 that could (for example) issue a fake update that gives them full control and excessive site over a user’s computer.
The NSA advises “Install all patches on Tuesday of January 2020 patches as soon as possible to effectively mitigate vulnerability on all Windows 10 and Windows Server 2016/2019 systems.”
With the NSA acting before Microsoft, some have shown more concerns about why exactly they would speak. While the US Department of Defense. UU. He confirmed that they would run Windows 10 in 2018, it seems logical (and we hope) that they use more sophisticated technology, minds and anti-piracy measures so as not to be affected by issues like this.
Your concerns may have arisen thanks to the “Update Delivery Optimization” of Windows 10. It allows updates to be made from other PCs in your local network. If hackers can exploit Windows 10 to think that malicious code is part of a normal Windows 10 update, it is logical that the virus can spread through a system.
Apparently, the news was first busted by Will Dormann, a vulnerability analyst at the CERT Coordination Center. Tweeted on January 13 “I have the impression that people should perhaps pay close attention to the installation of Microsoft’s patch updates on Tuesday in a timely manner. Even more than others. I don’t know … just call it a hunch? “
Cybercrime journalist Brian Krebs reported (via Krebs On Security) later that day that they had heard rumors from their sources that claimed “Microsoft has quietly sent a patch for the error to branches of the US military and other high-value customers / targets that manage key Internet infrastructure, and that those organizations have been asked to sign agreements that prevent them from disclosing details of the failure before January 14, the first patch Tuesday, 2020. “
His report mentions that the vulnerability occurred through crypt32.dll (a Windows module that Microsoft claims it manages, cites: “certificate and cryptographic messaging functions in CryptoAPI “) While not mentioned in the NSA announcement, Krebs said crypt32.dll could be used to “Falsify the digital signature linked to a specific piece of software.”
On January 14, Krebs updated his article, stating that the NSA Director of Cybersecurity, Anne Neuberger, made a call to the media that morning to report the vulnerability discovered by “NSA researchers” to Microsoft also stated that “This was the first time Microsoft will accredit the NSA for reporting a security breach.”
When asked why the NSA focused on that defect, Neuberger reported that there was concern that “It makes trust vulnerable.” The NSA refused to give Krebs more details, such as when they discovered the fault.
Krebs would later declare on Twitter that, while this was not the first time the NSA took public credit for discovering a flaw, it would be a new approach in the future.
“Sources say that this NSA disclosure is planned to be the first of many as part of a new NSA initiative called” Turn a New Leaf, “which aims to make the agency’s vulnerability investigation available for the main software providers and, ultimately, for the public.
Nuber’s Neuberger said this was not the first vulnerability the agency had reported to Microsoft, but it was the first for which they accepted credit / attribution when MS requested it. “
Windows 10 has been reluctantly accepted by most because it is a free update to Windows 7 and 8 for a while. Others expressed great concern about the privacy of Windows 10 due to features such as Cortana, a digital “personal assistant” that responds to voice and its activities to help avoid questions and preload web pages.
Others still claim that Windows has worked secretly with the NSA to install digital backdoors in its operating system, to allow them to spy on users without a court order. Suffice it to say that no formal evidence or charges have been filed. A much more pressing concern that many users had was their forced updates and reboots, along with changes in their home menu to look a lot like a smartphone screen (including game ads).
Image: PX Here, Wikimedia Commons [1, 2]