Associated Press
FILE (AP Photo/Mark Lennihan, File)
- The National Security Agency has detected a "severe" security flaw in the Microsoft Windows 10 operating system, the agency announced Tuesday.
- Microsoft acknowledged the flaw and rolled out a security update Tuesday afternoon.
- The flaw hasn't been actively exploited, as far as Microsoft can tell, but all Windows users are urged to install the software update as soon as possible.
- The NSA first reported the flaw to Microsoft after detecting it - it's exceedingly rare for government agencies to share their discovery of vulnerabilities with a private company, an expert says.
- Visit Business Insider's homepage for more stories.
The National Security Agency is urging all Windows 10 users to update their software after detecting a "severe" security flaw in the operating system, the agency announced Tuesday.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More The NSA first detected the flaw and alerted Microsoft, prominent security researcher Brian Krebs first reported. NSA Director of Cybersecurity Anne Neuberger confirmed that the agency told Microsoft about the flaw in a call with reporters Tuesday morning.
Microsoft confirmed the flaw and rolled out a patch update for Windows 10, as well as Windows Server 2016 and Windows Server 2019, on Tuesday afternoon. Microsoft hasn't found any evidence that the flaw has been actively exploited, but urged all Windows users to install the latest update.
The security flaw allows attackers to target users of unpatched Windows systems with malware that mimics the digital signature of a trusted provider. If people downloaded the malicious file, hackers could access "confidential information" stored on their computers, according to Microsoft.
It's exceedingly rare for a federal agency to tell a company about a cybersecurity flaw - according to Neuberger, this is the first time the NSA disclosed a vulnerability to Microsoft.
In an email to Business Insider, Amit Yoran, founding director of the Department of Homeland Security's US Computer Emergency Readiness Team and CEO of Tenable, underscored how unusual this disclosure is.
"For the US government to share its discovery of a critical vulnerability with a vendor is exceptionally rare if not unprecedented," Yoran said. "These are clearly noteworthy shifts from regular practices and make this vulnerability worth paying attention to."
Next Story
I quit McKinsey after 1.5 years. I was making over $200k but my mental health was shattered.
Some Tesla factory workers realized they were laid off when security scanned their badges and sent them back on shuttles, sources say
I tutor the children of some of Dubai's richest people. One of them paid me $3,000 to do his homework.
Move over Bollywood, audio shows are starting to enter the coveted ‘100 Crores Club’
10 Powerful foods for lowering bad cholesterol
Eat Well, live well: 10 Potassium-rich foods to maintain healthy blood pressure
Bitcoin scam case: ED attaches assets worth over Rs 97 cr of Raj Kundra, Shilpa Shetty
IREDA's GIFT City branch to give special foreign currency loans for green projects
