Why do experts value the intelligence of the NSA reporting Windows 10 vulnerabilities?


Why do experts value the intelligence of the NSA reporting Windows 10 vulnerabilities?

by Rawpixel

In January 2020, Microsoft distributed security patches to fix dangerous vulnerabilities affecting hundreds of millions of PCs running Windows 10. MicrosoftreportAccording to this vulnerability,CryptoAPIIt is said that it was discovered with the Windows API, but security experts pointed out that it was “ important point '' especially, “ The US intelligence agency reported the vulnerabilityU.S. National Security Agency (NSA)That was the point. "

Microsoft patches Windows 10 after NSA finds vulnerability

Microsoft patches Windows 10 security flaw discovered by the NSA-The Verge

Microsoft and NSA say a security bug affects millions of Windows 10 computers | TechCrunch

Using one of the features included in CryptoAPI, developers can digitally sign software to prove that the software has not been tampered with. However, when using the vulnerability of CryptoAPI announced by Microsoft this time, it can disguise the digital signature of the content including software and files and make dangerous content appear to be safe.

Microsoft said, “ Since the digital signature looks like a trusted provider, there is no way for the user to know that the file is malicious, '' exploiting vulnerabilities to exploit malicious such as ransomware May be able to run vulnerable software on vulnerable computers. Vulnerability Disclosure Center operated by Carnegie Mellon UniversityCERT-CCSaid that this vulnerabilityRecommendation"The exploitation of this vulnerability may allow HTTPS or TLS communications to be intercepted or modified."

by BrianAJackson

On the other hand, security experts are also looking at the vulnerability from another perspective. Cyber ​​security companyTenable“ Generally, patches that fix such vulnerabilities are always important, but they became even more important in that the NSA disclosed the vulnerability to Microsoft, '' said Satnam Narang, senior research engineer at "

The NSA is known to spend a lot of money developing malware and hacking tools, and without disclosing its own discovered vulnerabilities,Zero-day attackIt was also found that they had created a tool that enabled

Clearly the existence of numerous hacking tools developed by the NSA to track hackers in other countries-gigazine

by Ilya Pavlov

In addition, ransomware "WannaCryNSA developed the spread ofEternalBlueThe NSA was strongly accused of knowing that a vulnerability attack tool was being used.

The attack tool “ EternalBlue '' that spreads the ransomware “ WannaCry '' is spreading smoothly-gigazine

by Laurent Peignault

This case that the NSA reported the vulnerability discovered to Microsoft seems to be the NSA's attempt to break away from the past policy of “ hiding the discovered vulnerability and using it for their own activities '' Have been Former NSA hacker Jake Williams asserts, "This bug is easier for government agencies to use than a typical hacker. It was an ideal vulnerability for monitoring men on intermediate networks." We welcome the vulnerability we discovered and not shared with Microsoft, but with Microsoft.

It is not clear how long it took from the discovery of this vulnerability by the NSA until it was actually notified to Microsoft, but Microsoft told CNBC that “ the vulnerability was actually exploited. I have never done that. "

This is not the first time a government agency has reported a vulnerability to a company, but it is the first time that a vulnerability report has been attributed to the NSA. Security reporter Brian Krebs asserted that the NSA-Microsoft partnership is part of a new initiative to "make NSA research accessible to software vendors and the public."

The NSA has announced its own(PDF file)RecommendationPointed out that this vulnerability is very dangerous. "This vulnerability puts Windows devices at risk of being exposed to a wide range of malicious vectors," he says.

Copy the title and URL of this article

Source link

Do you like this article??

Show More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button