Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
NSA identifies "critical vulnerability" in Microsoft Windows 10
Source: CBS News
NSA identifies "critical vulnerability" in Microsoft Windows 10
BY OLIVIA GAZIS
JANUARY 14, 2020 / 4:36 PM / CBS NEWS
Washington — The National Security Agency disclosed Tuesday that it has identified a "critical vulnerability" in Microsoft's Windows 10 operating system — but that it reported the flaw to the company and its partners rather than exploiting it for surveillance or hacking purposes.
Anne Neuberger, the head of the NSA's newly restructured cybersecurity directorate, told reporters the agency was recommending that all network owners "expedite" implementation of a patch. She said neither the agency nor Microsoft has, to date, seen exploitation of the flaw, which affected millions of computers.
Microsoft released its patch on Tuesday. In a statement, senior director Jeff Jones said, "We follow the principles of coordinated vulnerability disclosure (CVD) as the industry best practice to protect our customers from reported security vulnerabilities."
The NSA issued a cybersecurity advisory on Tuesday, calling the flaw "severe" and said that "sophisticated cyber actors will understand the underlying flaw very quickly."
"The consequences of not patching the vulnerability are severe and widespread," the advisory said.
-snip-
BY OLIVIA GAZIS
JANUARY 14, 2020 / 4:36 PM / CBS NEWS
Washington — The National Security Agency disclosed Tuesday that it has identified a "critical vulnerability" in Microsoft's Windows 10 operating system — but that it reported the flaw to the company and its partners rather than exploiting it for surveillance or hacking purposes.
Anne Neuberger, the head of the NSA's newly restructured cybersecurity directorate, told reporters the agency was recommending that all network owners "expedite" implementation of a patch. She said neither the agency nor Microsoft has, to date, seen exploitation of the flaw, which affected millions of computers.
Microsoft released its patch on Tuesday. In a statement, senior director Jeff Jones said, "We follow the principles of coordinated vulnerability disclosure (CVD) as the industry best practice to protect our customers from reported security vulnerabilities."
The NSA issued a cybersecurity advisory on Tuesday, calling the flaw "severe" and said that "sophisticated cyber actors will understand the underlying flaw very quickly."
"The consequences of not patching the vulnerability are severe and widespread," the advisory said.
-snip-
Read more: https://www.cbsnews.com/news/microsoft-windows-10-nsa-identifies-critical-vulnerability-today-2020-01-14/
