The vulnerability – essentially a mistake in the computer code – affects the Windows 10 operating system, which is the most widely used today, according to the people who were briefed on the matter.

The discovery has been likened to a slightly less severe version of the Microsoft flaw that the NSA once weaponised by creating a hacking tool dubbed EternalBlue, which one former agency hacker said was like “fishing with dynamite.”

Microsoft declined to comment.

The NSA used EternalBlue for more than five years, but when it learned that the tool had been obtained by others, it alerted Microsoft, which issued a patch in early 2017. About a month later, Shadow Brokers, a suspected Russian hacking group, released the NSA tool online.

Malicious hackers turned it to their own purposes, launching massive ransomware campaigns such as the one dubbed WannaCry, which created global havoc and costly damage to businesses and other organisations.

EternalBlue worked on all Windows systems, not just one, which made it so potent. The flaw the NSA just uncovered would be useful to hackers seeking to break into some computers running Windows 10, which is used in a majority of companies and organisations.

Anne Neuberger, the director of the NSA’s Cybersecurity Directorate, which was launched last October, is expected to announce on Tuesday the agency’s discovery of the flaw and its warning to Microsoft.

Companies like Microsoft and Adobe use digital signatures to stamp software as authentic. This helps to prevent malware infections that might try to disguise themselves as legitimate. The NSA discovered an error in the Microsoft code that verifies those signatures, potentially enabling a hacker to forge the signature and install spyware or ransomware on a computer.

“Code-signing is one of the most effective tools we have to keep malicious software off of computers,” said Matthew Green, a cryptographer and computer science professor at Johns Hopkins University.

If the flaw is patched quickly, it’s not that dangerous, he added. “If a lot of people don’t patch, it could be a disaster.”

In a call with experts on Tuesday morning, the NSA said that Microsoft will report that it has seen no active exploitation of the flaw, according to one of the people on the briefing.

Washington Post
