The NSA reported a serious security flaw to Microsoft in their Windows 10 operating system on 14th January 2020. The flaw allows a fake certificate to appear to be authorised from a trusted source, so a safe “signed” file may actually contain malicious content, obscured from the end user and in a supposedly “safe” file.
The fix is being provided in the February “patch Tuesday” release.
Previously, the NSA withheld notification of vulnerabilities and exploited them for intelligence gathering or alleged cyberwarfare activities. The NSA cache of windows vulnerabilities was discovered by the ShadowBrokers cracking group and released through Wikileaks. These NSA exploits then formed the basis of serious malware, including WannaCry ransomware, causing billions of dollars in damage.
Agilient highly recommends ensuring this patch is applied, and scanning all machines using Windows 10 with anti-malware software.
Agilient provides business intelligence services that illustrate current threats and their relevance you your business infrastructure, alongside security posture assessment services.
If you’re concerned about this security flaw or any security threats to your business, please contact us for a confidential discussion.
Author: David Steele, Agilient Consultant