Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Eugene

(62,660 posts)
Wed Jan 15, 2020, 12:24 PM Jan 2020

NSA identifies "critical vulnerability" in Microsoft Windows 10

Source: CBS News

NSA identifies "critical vulnerability" in Microsoft Windows 10

BY OLIVIA GAZIS
JANUARY 14, 2020 / 4:36 PM / CBS NEWS

Washington — The National Security Agency disclosed Tuesday that it has identified a "critical vulnerability" in Microsoft's Windows 10 operating system — but that it reported the flaw to the company and its partners rather than exploiting it for surveillance or hacking purposes.

Anne Neuberger, the head of the NSA's newly restructured cybersecurity directorate, told reporters the agency was recommending that all network owners "expedite" implementation of a patch. She said neither the agency nor Microsoft has, to date, seen exploitation of the flaw, which affected millions of computers.

Microsoft released its patch on Tuesday. In a statement, senior director Jeff Jones said, "We follow the principles of coordinated vulnerability disclosure (CVD) as the industry best practice to protect our customers from reported security vulnerabilities."

The NSA issued a cybersecurity advisory on Tuesday, calling the flaw "severe" and said that "sophisticated cyber actors will understand the underlying flaw very quickly."

"The consequences of not patching the vulnerability are severe and widespread," the advisory said.

-snip-


Read more: https://www.cbsnews.com/news/microsoft-windows-10-nsa-identifies-critical-vulnerability-today-2020-01-14/
Latest Discussions»Help & Search»Computer Help and Support»NSA identifies "critical ...