NSA Discovered Critical Windows Flaw and Informed Microsoft

  • NSA has helped Microsoft fix a highly critical Windows bug instead of keeping it for themselves.
  • The problem concerns a CryptoAPI spoofing vulnerability that leads to multiple ways of exploitation.
  • Microsoft has released the fixing patches today, so all Windows users are urged to apply them immediately.

The NSA (National Security Agency) has discovered a major flaw in Windows and reported it to Microsoft. This has been rumored in the last couple of days, so we were expecting to see something significant getting patched with today’s Windows update. What we didn’t expect to see was the reporting party to be the NSA, an entity that has preferred to use significant flaws for their own benefit and spying operations in the past. So, this is an event that showcases a shift in how the NSA handles security matters, although it could be just a flare.

The particular flaw is given the identifier CVE-2020-0601 and concerns the ability to use cryptography to sign a malicious executable, rendering it trusty for the operating system. This could potentially lead to website rerouting, files stealing, microphone activation, keystroke recording, disk wiping, ransomware installation, and anything else nasty you can think of. This is why Microsoft has pushed the fixing patch for this bug to branches of the U.S. military before the rest of us got it with today’s update.

Other critical vulnerabilities that have been addressed in this patch are the following:

  • CVE-2020-0603, CVE-2020-0605, CVE-2020-0606, and CVE-2020-0646 – Four remote code execution flaws in the .NET and ASP.NET core software.
  • CVE-2020-0609 and CVE-2020-0610 – Remote code execution vulnerabilities in the Windows Remote Desktop Protocol Gateway Server
  • CVE-2020-0611 – Remote code execution flaw in the Windows Remote Desktop Protocol client.
  • CVE-2020-0640 – Memory corruption vulnerability in the Internet Explorer web browser.

Apart from the above, today’s patch also fixes another 41 vulnerabilities that are classified as “important”, so applying the update should be an absolute priority for all Windows users right now. Also, this is the final patch that Windows 7 and Windows Server 2008/2008 R2 users will get.

As for what industry experts have to say about NSA’s decision to share their discovery with Microsoft, here’s what Chris Morales of Vectra told us: “NSA may have reported this flaw to MS because there was a concern that others would find this vulnerability themselves, and it was dangerous enough to warrant remediation instead of weaponizing. Or it just could be the NSA already has enough other methods for compromising a Windows system and doesn’t need it.”

Rick Holland, the Vice President of Digital Shadows thinks that: “It would be a mistake to think that NSA is changing direction. They will continue to hoard zero-days and leverage them as required to accomplish their objectives.”

REVIEW OVERVIEW

Recent Articles

How to Watch ‘Married at First Sight’ Online – Live Stream Season 11

Getting married at first sight isn't something most of us would even ever consider, but here we are, enjoying a reality TV show that's...

10 Best G-Sync Gaming Monitors in 2020

Here's a summary of the Best G-Sync Gaming Monitors in 2020 Best 4K G-Sync Monitor – Asus ROG Swift PG65UQ 65” Best 1440p G-Sync...

Critical SAP Vulnerability Could Lead to Corporate Network Takeover

SAP releases a critical patch, plugging severe remote server takeover hole that requires no authentication. The discoverer of the vulnerability is ready...

The New “Spox” Phishing Kit Makes Campaign Deployment Easier

A new phishing kit has appeared and is growing in popularity quickly, thanks to its user-friendly approach. The kit is called “Spox,”...

British e-Ticketing Service Breach Resulted in 4.8 Million Records Now for Sale

A new threat actor is selling 4.8 million email addresses and passwords on the dark web. The database includes various email addresses...