NSA Issues Windows 10 Warning

 
 

The US National Security Agency (NSA) issued a rare warning about a vulnerability discovered in Windows 10 at a press conference on January 14, 2020.

The exploit takes advantage of the way Windows 10 validates digital certificates, which allow software to run that is deemed legitimate by the OS.
An attacker could mimic a genuine certificate and use it to run malware, potentially installing ransomware, gaining remote access, or setting up a backdoor for spying.
Windows 10 would view the software as coming from a trusted source and allow the executable to run.

This bug affects Windows 10, Windows Server 2016, and Windows Server 2019.

Microsoft has already issued a patch (CVE-2020-0601) for this exploit via Windows Update.

The fix can also be downloaded from the Microsoft Security Response Center website.

Need Help with Windows?

For this or other issues with Windows 10, the Method IT team is here to help! Founded in Tokyo in 2004, we are a registered Microsoft Partner and offer fast and friendly English-Japanese bilingual support from native speakers.
Feel free to open a support ticket below to get in touch with one of our specialists!

Follow us for news on Windows 10, Office 365, and other Microsoft solutions

More Microsoft News ›