According to The Washington Post newspaper, Microsoft, the maker of Windows, comes Tuesday with an update to close the gap. Microsoft itself has not yet responded.
The gap would be in the way Windows checks programs, called code signing. In the code of computer programs there is a signature of the maker. When an update comes, Windows knows that it is a real update, and that it is not malicious software that acts as a real program. The NSA would have discovered that this can be circumvented. A hacker, for example, could place espionage software somewhere unseen.
Windows 10 is the most recent version of the operating system. He came on the market in 2015. Two in three Windows PCs in the world run on Windows 10.
According to The Washington Post, the NSA immediately sent a warning to Microsoft after the discovery, so that the company could correct the error. If that is correct, it is a striking change of course. In 2011 or 2012, the NSA also found a hole in Windows. That hole was named EternalBlue. The service stopped the discovery so that the hackers could use the opening. However, the information fell into the hands of others, possibly Russian cyber spies. EternalBlue was then used to distribute the WannaCry hostage software. That attack is attributed to North Korean state hackers.
Every day during lunch the latest news in your inbox?
Invalid email address. Please enter again.
You can unsubscribe with 1 click