The NSA announced the discovery of the security hole in Windows during a press conference. It is not clear how long the intelligence service knew about the problem before it was reported to Microsoft.
Microsoft has issued an update on Tuesday to close the gap. The company says it has not yet discovered an abuse of the vulnerability.
Security experts to mention “serious” and recommend that all organizations working with Windows implement the new update as quickly as possible. Security expert Brian Krebs writes that Microsoft had already silently sent the update to the US military and organizations that manage “vital infrastructure.”
Signature in code
The gap is in the way Windows checks programs, the so-called ‘code signing’. In the code of programs is a signature of the maker. When an update comes, Windows knows that it is a real update, and that it is not malicious software that acts as a real program.
The NSA discovered that this can be avoided. A hacker, for example, could place espionage software somewhere unseen. According to the NSA, the problem is in both Windows 10 and Windows Server 2016.
NSA warned Microsoft
According to NSA’s cyber security director Anne Neuberger, the Microsoft service warned of the vulnerability. It was the first time that the NSA was the first to report a major security issue to Microsoft. After the warning, Microsoft was able to correct the error.
It means a striking change of course for the NSA. In 2011 or 2012, the NSA also found a hole in Windows. That hole was named EternalBlue. The service stopped the discovery so that the hackers could use the opening. However, the information fell into the hands of others, possibly Russian cyber spies.
EternalBlue was then used to hostage the software WannaCry spreading. That attack is attributed to North Korean state hackers.
–
