fbpx
Business

Microsoft releases patch for security flaw discovered by U.S. intelligence agency

The vulnerability would have let hackers use spoofing techniques to appear as a trusted source

Microsoft has released a free software patch for a flaw in Windows 10 that could have allowed hackers to obtain secure communications from users.

The tech giant says that it doesn’t believe that the flaw was exploited by hackers.

The flaw was detected by the U.S. National Security Agency. Security researchers say that it is interesting that the NSA tipped off Microsoft about the flaw, instead of exploiting the vulnerability for their own intelligence needs.

The vulnerability would have let hackers use spoofing techniques to appear as a trusted source. Users would have been unable to determine if a file was malicious because the digital signature would appear as a trusted source. Microsoft said hackers would have also been able to decrypt confidential information.

“A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software,” the tech giant wrote in a statement.

The security patch will be downloaded on some computers automatically if you have automatic updates turned on. If not, you’ll have to download it manually.

Source: Microsoft, CBC  

Comments