Skip to main content

Windows 10 Patch, UN Cyberattack & WordPress Bug

Windows 10 Patch, UN Cyberattack & WordPress Bug

Today is Wednesday, January 15th, 2020 and here are today’s most pressing cyber stories in under 5 minutes.

 

Patch your Windows 10 Now!

 

The U.S. National Security Agency (NSA) started a new chapter after discovering and reporting to Microsoft a vulnerability tracked as CVE-2020-0601 and impacting Windows 10 and Windows Server systems.

 

In a phone conference that Bleeping Computer joined, NSA's Director of Cybersecurity Anne Neuberger said that this is the first time the agency decided to publicly disclose a security vulnerability to a software vendor.

 

"We thought hard about that. When Microsoft asked us, 'Can we attribute this vulnerability to NSA?' we gave it a great deal of thought. And then we elected to do so and here is why," Neuberger explained.

 

She added that "part of building trust is showing the data" and, as a result, "it's hard for entities to trust that we indeed take this seriously and ensuring that vulnerabilities can be mitigated is an absolute priority."

 

Neuberger also said during the media call that the agency will make efforts towards becoming an ally to the cybersecurity community and private sector entities, and will begin to share vulnerability data with its partners instead of accumulating it and using it in future offensive operations.

 

"We believe in Coordinated Vulnerability Disclosure (CVD) as proven industry best practice to address security vulnerabilities," MSRC's Principal Security Program Manager Mechele Gruhn