Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Eugene

(62,659 posts)
Wed Jan 15, 2020, 12:24 PM Jan 2020

NSA identifies "critical vulnerability" in Microsoft Windows 10

Source: CBS News

NSA identifies "critical vulnerability" in Microsoft Windows 10

BY OLIVIA GAZIS
JANUARY 14, 2020 / 4:36 PM / CBS NEWS

Washington — The National Security Agency disclosed Tuesday that it has identified a "critical vulnerability" in Microsoft's Windows 10 operating system — but that it reported the flaw to the company and its partners rather than exploiting it for surveillance or hacking purposes.

Anne Neuberger, the head of the NSA's newly restructured cybersecurity directorate, told reporters the agency was recommending that all network owners "expedite" implementation of a patch. She said neither the agency nor Microsoft has, to date, seen exploitation of the flaw, which affected millions of computers.

Microsoft released its patch on Tuesday. In a statement, senior director Jeff Jones said, "We follow the principles of coordinated vulnerability disclosure (CVD) as the industry best practice to protect our customers from reported security vulnerabilities."

The NSA issued a cybersecurity advisory on Tuesday, calling the flaw "severe" and said that "sophisticated cyber actors will understand the underlying flaw very quickly."

"The consequences of not patching the vulnerability are severe and widespread," the advisory said.

-snip-


Read more: https://www.cbsnews.com/news/microsoft-windows-10-nsa-identifies-critical-vulnerability-today-2020-01-14/
2 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
NSA identifies "critical vulnerability" in Microsoft Windows 10 (Original Post) Eugene Jan 2020 OP
Does that mean new Windows 10 software will already be patched? Bayard Jan 2020 #1
Windows 10 usually downloads patches immediately after installation/upgrade. Eugene Jan 2020 #2

Bayard

(24,145 posts)
1. Does that mean new Windows 10 software will already be patched?
Wed Jan 15, 2020, 12:36 PM
Jan 2020

I'm thinking of upgrading from Windows 7.

Eugene

(62,659 posts)
2. Windows 10 usually downloads patches immediately after installation/upgrade.
Wed Jan 15, 2020, 12:49 PM
Jan 2020

This latest fix is being pushed out just now.

While it's not impossible, I don't expect Microsoft to patch the master images before the 04.2020 release goes production.

Latest Discussions»Issue Forums»National Security & Defense»NSA identifies "critical ...