- A critical vulnerability could affect millions of Windows users around the world.
- Microsoft reportedly rolled out the security patch to the US military and other high-value organisations.
- The security fix will be rolled out as part of Microsoft’s monthly Patch Tuesday update.
Microsoft’s first major update of 2020 will try to fix a critical vulnerability that could potentially undermine Windows encryption completely. The security fix will be rolled out as part of its monthly Patch Tuesday rollout.
According to a security researcher
Brian Krebs, the update will fix an “extraordinarily serious security vulnerability”. This gains importance especially since Windows 7 reaches the end of its life today, January 14. Microsoft has ended support for Windows XP and Windows Vista already.
Despite this, the Redmond-based tech giant is expected to roll out this critical security patch to all versions of Windows.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More Microsoft reportedly shipped this security patch to the US military and other high-value organisations that manage key internet infrastructure. Krebs also claims that Microsoft has signed agreements with these organisations that prevent them from disclosing information about this vulnerability.
What is this critical vulnerability?
The issue at hand affects ‘crypto32.dll’, which is one of the core components of the Windows operating system. This component is used by the Windows Crypto API that lets developers offer encryption in their Windows software.
According to Krebs, the flaw could be exploited by hackers to install malware on your computer by spoofing Windows software’s digital signature. In other words, you could end up installing malware on your computer and Windows would not even be able to detect it.
Why is this so important?
Will Dormann, a vulnerability analyst at the CERT Coordination Center, has
tweeted that “people should pay very close attention” to installing today’s Patch Tuesday updates.
Coincidentally, the NSA is also scheduled to host a conference call to talk about a “current cybersecurity issue”.
This, combined with the fact that Microsoft is preventing organisations from disclosing the flaw, suggests that it is extremely critical. Since the majority of the world uses Windows, this has the potential to impact millions of computers at the very least.
On that note, we advise you to always keep your computers and smartphones up to date.
See also:
Microsoft ends free Windows 7 security updates on Tuesday
Microsoft contractors in China listened to Skype recordings with woefully bad levels of cybersecurity, report reveals
Vladimir Putin reportedly runs an outdated version of Windows on his computer that is vulnerable to hacking
Next Story
Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
One of the world's only 5-star airlines seems to be considering asking business-class passengers to bring their own cutlery
Experts warn of rising temperatures in Bengaluru as Phase 2 of Lok Sabha elections draws near
Axis Bank posts net profit of ₹7,129 cr in March quarter
7 Best tourist places to visit in Rishikesh in 2024
From underdog to Bill Gates-sponsored superfood: Have millets finally managed to make a comeback?
7 Things to do on your next trip to Rishikesh
