Microsoft Windows is the worlds most used and famous Operating System. Recently we have seen that Microsoft has stopped giving updates to windows 7. So currently Microsoft is having Windows 10 as leading OS. But here NSA has found some major issues with Windows 10.
NSA reveals a Major Flaw in Microsoft Windows 10’s Code
The US National Security Agency (NSA) has found a major issue with Windows 10 which could help hackers to create problems to other users. After that Microsoft has confirmed that they have fixed that issue and they are now aware of it.
NSA found this issue while they had a press conference. No one knows that this issue is there from how long.
The security expert, Brian Krebs, said the software giant sent the patch to branches of the US military and other high-level users before its release. He wrote, “extraordinarily scary”.
The problem comes in the core component of Windows named as crypt32.dll. It is a program which allows the software developers to get access to different functions like digital certificates.
Microsoft said,
“An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source.”
The user does not have any way of knowing the malicious file as the digital signature appears from a trusted provider.
The company also gave warning to the vulnerability which can pave the way for middle attacks. This can involve a hacker giving a legitimate program when it is rigged to act as spyware.
The good news is that Microsoft disclosed that no one is abusing the vulnerability yet. Operating systems like Windows 7 was also not affected. Moreover, NSA says, hackers will quickly create and distribute tools to exploit the flaw.