Microsoft will patch Windows 10 after the NSA quietly told it about a major vulnerability

FAN Editor

Satya Nadella, chief executive officer of Microsoft Corp., pauses while speaking during a Microsoft product event in New York, U.S., on Wednesday, Oct. 2, 2019.

Mark Kauzlarich | Bloomberg | Getty Images

The National Security Agency alerted Microsoft in recent weeks to a significant issue affecting its Windows 10 operating system, ubiquitous within corporations and among consumers, two senior federal cybersecurity officials told CNBC.

The flaw affected encryption of digital signatures used to authenticate content, including software or files. If exploited, the flaw could allow criminals to send malicious content with fake signatures that make it appear safe. The finding was reported earlier by the Washington Post.

It was unclear how long the NSA knew about the flaw before reporting it to Microsoft. The cooperation, however, is a departure from past interactions between the NSA and major software developers like Microsoft. In the past, the top security agency has kept some major vulnerabilities secret in order to use them as part of the U.S. tech arsenal.

Microsoft did not immediately respond to request for comment.

According to the Post, the NSA said in a Tuesday morning call with cybersecurity experts that Microsoft will report that it had not seen any exploitation of the flaw. The NSA is expected to announce its findings later on Tuesday.

Follow @CNBCtech on Twitter for the latest tech industry news.

Free America Network Articles

Leave a Reply

Next Post

Spike Lee is first black filmmaker to lead Cannes festival jury

Acclaimed director Spike Lee will head to this year’s Cannes Film Festival as the first black president of its jury. “I’m honored to be the first person of the African diaspora (USA) to be named President of the Cannes Jury and of a main film festival,” the “Do The Right […]