Team OS : Your Only Destination To Custom OS !!

Welcome to TeamOS Community, Register or Login to the Community to Download Torrents, Get Access to Shoutbox, Post Replies, Use Search Engine and many more features. Register Today!

Tech News Microsoft alerted about new Windows flaw by NSA

With various versions of Windows occupying a billion devices worldwide, Microsoft’s premier operating system paints a rather large target on its back for smaller B2B security firms looking to stay ahead of nefarious parties, while also finding itself in the crosshairs of much larger agencies who might want to weaponize exploits for future data and surveillance collection.

The United States National Security Agency recently chose the former option as it alerted Microsoft about a Windows flaw that could put millions of users in danger of breach or surveillance hack. For obvious reasons, the details of the exploit are relatively vague, but according to the Washington Post, the vulnerability is essentially a mistake in computer code that specifically targets users of Microsoft’s latest Windows 10 operating system. By leveraging Microsoft and Adobe’s Code-signing sync engine, the NSA found an error in the Windows code that normally verifies legitimate signatures but could now ultimately allow hackers to install ransomware or spyware on Windows 10 PCs if exploited.

More specifically,

“The discovery has been likened to a slightly less severe version of the Microsoft flaw that the NSA once weaponized by creating a hacking tool dubbed EternalBlue, which one former agency hack said was like “fishing with dynamite.”

As a bit of a refresher, EternalBlue exploits a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol. The vulnerability exists because the SMB version 1 (SMBv1) protocol in various versions of Windows mishandles specially crafted packets from remote attackers, allowing them to execute arbitrary code on the target computer. The NSA used and, arguably abused the exploit right up until it became widely distributed online five years after they discovered it. The NSA ultimately alerted Microsoft in 2017 and a Medicines followed in early 2017, but only months before three other major cyberattacks were credited using the tool.

Fortunately, the NSA isn’t holding on to this one and giving it room to breathe like EternalBlue. Instead, by alerting Microsoft quickly, the NSA appears to be exhibiting a shift in prioritization of security and surveillance, for now at least. While Microsoft has had no comment on the matter, the NSA seems confident that the company will have a Medicines issued Tuesday to address the exploit, at which point Microsoft and the NSA can declare that “it has seen no active exploitation of the flaw.”

The discovery of the exploit comes as Microsoft ends security support for Windows 7 and attempts to shift consumers and businesses still using the soon-to-be vulnerable OS, over to Windows 10.
 

niklasw99

Member
Downloaded
56 GB
Uploaded
1.9 TB
Ratio
34.66
Seedbonus
51,338
Upload Count
0 (0)
Member for 4 years
So this affects Windows 7 and Windows 10 with SMB 1v enabled, Right?
 

Wichestery2k

👑 Administrator
Super Moderator
Moderator
Uploader
Power User
✅ Verified Member
Downloaded
1.4 TB
Uploaded
49.5 TB
Ratio
36.53
Seedbonus
51,557
Upload Count
241 (248)
Member for 7 years
So this affects Windows 7 and Windows 10 with SMB 1v enabled, Right?
I believe it was patched on today's Medicines for Windows 10... not sure on Windows 7
 

niklasw99

Member
Downloaded
56 GB
Uploaded
1.9 TB
Ratio
34.66
Seedbonus
51,338
Upload Count
0 (0)
Member for 4 years
I believe it was patched on today's Medicines for Windows 10... not sure on Windows 7
If it's just SMB v1 you can just disable it in Windows 10 and 7 No Problem there.
 

Wichestery2k

👑 Administrator
Super Moderator
Moderator
Uploader
Power User
✅ Verified Member
Downloaded
1.4 TB
Uploaded
49.5 TB
Ratio
36.53
Seedbonus
51,557
Upload Count
241 (248)
Member for 7 years
If it's just SMB v1 you can just disable it in Windows 10 and 7 No Problem there.
correct under turn off windows features
 

pepsitrev

Power User
✅ Verified Member
Member
Downloaded
317.7 GB
Uploaded
1,001 GB
Ratio
3.15
Seedbonus
10,670
Upload Count
0 (0)
Member for 10 years
great post thnx for updating us
 

Beechmasters

✅ Verified Member
Member
Downloaded
153.7 GB
Uploaded
9.5 TB
Ratio
63.52
Seedbonus
7,336
Upload Count
0 (0)
Member for 6 years
I knew they would find a way to force people to move from win 7 to winyuck 10.
I expect there will be more of these once win 7 updates end. Mark my words. It also happened with XP.
The updates ended and then "all of a sudden".
Thanks Wichestry for pointing this out :)
 
Top