National Security Agency found and disclosed a very threatening vulnerability in different versions of the windows including windows 10. So, now Microsoft is patching these errors one by one. Over 900 million PCs were under the vulnerability because of Microsoft.
The US government officials pinpoint the flaws in Microsoft which are considered as the most used operating system in the entire world. The vulnerability is so strong that the users are required to update their system as soon as possible in order to be safe from any hacker attack and security breach.
NSA and Microsoft both have confirmed that the vulnerability hadn’t given way to any hacker for now and no malicious code had yet been embed in the system. The Chief executive of Cybersecurity Directorate quoted in the report saying: “We are recommending the network owners expedite the patch immediately. The agency alerted Microsoft as soon as it discovered the bug.”
In order to demonstrate how severe of an issue it was, the Department of homeland security issued an emergency directive last week in which he was instructing the federal agencies for installing the patch into their system. Senior officials at Department of Homeland Security and infrastructure Security Agency Bryan Ware DHS also quoted that it would hold the calls with the industries that are working privately warning about the risk posed by the flaw.
The bug was raised because of the way Microsoft is using its signature for verifying the authenticity of the software. The authenticity protects the system from the malicious code attack. The flaw could allow hackers to install a potent malware in the windows of the undetected system.
It is for the very first time that NSA had pinpointed the issue so quickly and inform the respective company while posting a public statement. According to NSA, their first priority is to notify the vendors about the potential issues so that it could be fixed but often it retains and weaponize them for being used in a toxic activity like spying on hostile foreign military communications.
However, the agency is often time alleged for not alerting the private sector for serious vulnerabilities. In 2017 Microsoft denounced NSA publicly after it stole the hacking tool of NSA that was leaked on the internet and was used for a global cyberattack involving a window flaw.