It’s a Party in the NSA

National Security Agency 

In its first “Patch Tuesday” of the year, Microsoft disclosed a serious flaw in some versions of its Windows operating system. Microsoft doesn’t think hackers have exploited the flaw, and it provided patches to the military and other high-value targets ahead of yesterday’s release.

Now for the actual news: The National Security Agency (NSA) tipped off Microsoft.

The NSA has helped companies identify vulnerabilities before, but this is the first time it’s taken credit. Going public is the first step in building trust with cybersecurity researchers.

The backstory: Microsoft security researchers have special reason to distrust the NSA. Years ago, the agency knew about a Windows vulnerability, but instead of saying anything, it built a hacking tool (called EternalBlue) for its own purposes instead.

In 2017, hackers exploited that vulnerability, crippling networks around the world with WannaCry ransomware. The NSA faced criticism after people found out it could have been prevented.

Later that year, the government released a blueprint for intelligence agencies to follow when they identify flaws in consumer software.

source : Morning Brew

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s