Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
Microsoft alerted about new Windows flaw by NSA
3 min. read
Published onJanuary 14, 2020
published onJanuary 14, 2020
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
With various versions of Windows occupying a billion devices worldwide, Microsoft’s premier operating system paints a rather large target on its back for smaller B2B security firms looking to stay ahead of nefarious parties, while also finding itself in the crosshairs of much larger agencies who might want to weaponize exploits for future data and surveillance collection.
The United States National Security Agency recently chose the former option as it alerted Microsoft about a Windows flaw that could put millions of users in danger of breach or surveillance hack. For obvious reasons, the details of the exploit are relatively vague, butaccording to the Washington Post, the vulnerability is essentially a mistake in computer code that specifically targets users of Microsoft’s latest Windows 10 operating system. By leveraging Microsoft and Adobe’s Code-signing sync engine, the NSA found an error in the Windows code that normally verifies legitimate signatures but could now ultimately allow hackers to install ransomware or spyware on Windows 10 PCs if exploited.
More specifically,
“The discovery has been likened to a slightly less severe version of the Microsoft flaw that the NSA once weaponized by creating a hacking tool dubbed EternalBlue, which one former agency hack said was like “fishing with dynamite.”
As a bit of a refresher, EternalBlue exploits a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol. The vulnerability exists because the SMB version 1 (SMBv1) protocol in various versions of Windows mishandles specially crafted packets from remote attackers, allowing them to execute arbitrary code on the target computer. The NSA used and, arguably abused the exploit right up until it became widely distributed online five years after they discovered it. The NSA ultimately alerted Microsoft in 2017 and a patch followed in early 2017, but only months beforethree other major cyberattackswere credited using the tool.
Fortunately, the NSA isn’t holding on to this one and giving it room to breathe like EternalBlue. Instead, by alerting Microsoft quickly, the NSA appears to be exhibiting a shift in prioritization of security and surveillance, for now at least. While Microsoft has had no comment on the matter, the NSA seems confident that the company will have a patch issued Tuesday to address the exploit, at which point Microsoft and the NSA can declare that “it has seen no active exploitation of the flaw.”
The discovery of the exploit comes asMicrosoft ends security support for Windows 7and attempts to shift consumers and businesses still using the soon-to-be vulnerable OS, over to Windows 10.
Kareem Anderson
Networking & Security Specialist
Kareem is a journalist from the bay area, now living in Florida. His passion for technology and content creation drives are unmatched, driving him to create well-researched articles and incredible YouTube videos.
He is always on the lookout for everything new about Microsoft, focusing on making easy-to-understand content and breaking down complex topics related to networking, Azure, cloud computing, and security.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Kareem Anderson
Networking & Security Specialist
He is a journalist from the bay area, now living in Florida. He breaks down complex topics related to networking, Azure, cloud computing, and security
