® We dig deep so you don't have to!™

  • The NSA found a dangerous flaw in Windows and told Microsoft to fix it

    The NSA found a dangerous flaw in Windows and told Microsoft to fix it

    You need to update your Windows machine right now. The National Security Agency discovered a major flaw in Microsoft Windows that would have allowed hackers to compromise the newest versions of Windows 10, an operating system used by nearly one billion devices.

    H/T: MIT Technology Review

    Scheduled as part Microsoft’s regular distribution of patches issued on the second Tuesday of every month, the security fix mitigates a critical vulnerability in the Windows programming interface, CryptoAPI.

    A description of the vulnerability was posted by Microsoft in a security advisory titled, CVE-2020-0601 Windows CryptoAPI Spoofing Vulnerability:

    An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.

    A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software.


Latest Clips

More GroupThink

© 2019 ALL RIGHTS RESERVED — Contact