The National Security Agency (NSA), the intelligence agency in the United States, alerted Microsoft to the fact that it had discovered a major flaw in the Windows 10 operating system, according to CNBC. two federal cybersecurity officers. The company has developed a security update and recommends that all of its customers install it quickly.
The flaw in question, essentially an error in the software code, could have exposed Internet users to serious data leaks or surveillance, according to the Washington Post , which was the first to report the news.
Hackers could also have exploited the breach to imitate digital signatures and thereby pass malware for legitimate applications.
This is a new and surprising approach for the NSA, which until recently preferred to keep these vulnerabilities to collect intelligence and develop cyber weapons for use against enemies of the United States.
In 2017, NSA agents warned Microsoft president Brad Smith that it had discovered a similar flaw, but did so too late, exposing several Internet users to attacks.
As the New York Times reports , the government agency had known about this breach for some time, but kept it secret, hoping to use it to expand its technical arsenal.
This time, the rapid collaboration of the NSA will have allowed Microsoft to develop a security update (New window) before there is too much damage.
“A security update was released online on January 14, 2020, and those who have already installed it or have automatic updates are already protected.” As always, we encourage people to install security updates as soon as possible, “said Jeff Jones, senior director at Microsoft, in a statement.