Windows 10 Security Flaw Discovered; Millions of Devices at Risk
On January 14, Microsoft issued a statement acknowledging a critical security flaw in its Windows 10 operating system. Reported to Microsoft by the National Security Agency (NSA), the flaw lies in the Windows 10 CryptoAPI service. It affects both Windows 10 and Windows Server Update systems.
The API allows developers to sign their programs digitally. A valid signature shows that the program comes from an accredited source and has not been tampered with. The vulnerability would allow attackers to spoof digital signatures with little effort, letting their websites and software pass Microsoft's authentication checks as legitimate and breaking the trust those checks are meant to establish.
Source: Windows Server Update Services at SoftwareReviews, Report Published April 2019
Why it Matters
A bug in one of Microsoft’s core computing processes is concerning. The API should not allow digital signatures to be forged or altered. As a result, an executable downloaded under the pretense of being a normal update could be used to smuggle in harmful software, Trojan-style. “This is a core, low-level piece of the Windows operating system and one that establishes trust between administrators, regular users, and other computers on both the local network and the internet,” says Kenn White, security principal at MongoDB. White added, “If the technology that ensures that trust is vulnerable, there could be catastrophic consequences.”
Windows 10 is the most commonly deployed desktop operating system in use today. This security flaw affects any device running Windows 10 or one of the affected Windows Server systems, including devices operated by governments, small and large businesses, healthcare providers, and core infrastructure. The API flaw in Windows 10 has the potential to affect millions of people worldwide. We’ve seen this type of signature spoofing before, used to disastrous effect in the Stuxnet virus. Microsoft has released an emergency patch that closes the flaw. Any user of Windows 10 or Windows Server Update Service should apply the latest patch to their devices immediately.
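Two defender-side checks that follow from the article, added here as an example and not part of the original post or of Microsoft's own tooling: verify the signature of a downloaded installer with Get-AuthenticodeSignature, and look for the Application-log events (provider Microsoft-Windows-Audit-CVE, Event ID 1) that the patched CryptoAPI records when it rejects a spoofed certificate. Both checks assume the patch is already installed, since an unpatched machine reports a spoofed signature as Valid, which is the flaw itself; the file path is a placeholder.

```powershell
# Added example, not code from the article. Run on a patched Windows 10 / Windows Server host.

function Test-DownloadedBinarySignature {
    # Returns the signature status and signer details of one executable.
    # On an unpatched host a spoofed signature still reports 'Valid', so patch first.
    param([Parameter(Mandatory)][string]$Path)

    $sig = Get-AuthenticodeSignature -FilePath $Path
    [pscustomobject]@{
        File       = $Path
        Status     = $sig.Status            # Valid, NotSigned, HashMismatch, UnknownError, ...
        Signer     = $sig.SignerCertificate.Subject
        Issuer     = $sig.SignerCertificate.Issuer
        Thumbprint = $sig.SignerCertificate.Thumbprint
    }
}

function Get-SpoofedCertificateEvents {
    # Returns events the patched CryptoAPI writes when it rejects a forged certificate.
    # An empty result over a reasonable window is the healthy case.
    param([int]$Days = 7)

    $filter = @{
        LogName      = 'Application'
        ProviderName = 'Microsoft-Windows-Audit-CVE'
        Id           = 1
        StartTime    = (Get-Date).AddDays(-$Days)
    }
    # SilentlyContinue suppresses the "no events found" error that Get-WinEvent raises
    # when nothing matches; any events that do exist are returned unchanged.
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    if ($null -eq $events) { return @() }
    $events | Select-Object TimeCreated, MachineName, Message
}

# Usage (placeholder path; point it at the installer you actually downloaded).
$PathToCheck = 'C:\Downloads\update-installer.exe'   # placeholder
$result = Test-DownloadedBinarySignature -Path $PathToCheck
if ($result.Status -ne 'Valid') {
    Write-Warning "$($result.File): signature status is $($result.Status); do not run it."
}
$result | Format-List

$hits = @(Get-SpoofedCertificateEvents -Days 30)
if ($hits.Count -gt 0) {
    Write-Warning "$($hits.Count) rejected-certificate event(s) in the last 30 days; investigate."
    $hits | Format-Table -AutoSize
}
```

Forward the Audit-CVE events to your SIEM rather than reading them by hand; a single hit means something on the host presented a forged certificate.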
Want to Know More?
Since its acquisition of Rsam in 2019, Galvanize (formerly ACL) has maintained its high-quality delivery of cloud-based security, risk management, compliance, and audit software. Recognized as one of Canada’s Best Managed Companies, Galvanize’s comprehensive product offerings have not gone unnoticed.
GTB Technologies has been recognized as “Best Data Loss Prevention Solutions Provider for 2020.” With organizations addressing digital transformation and a growing remote workforce, the risk of data breaches is increased from both insider and outsider perspectives.
SC Media held its 2020 SC Awards Honored in the U.S. event and recognized Qualys for Best Vulnerability Management Solution in the “Trust Awards” category.
RSA Archer, a leader in the governance, risk, and compliance space, has been acquired by Symphony Technology Group, based in Palo Alto, California. Symphony, a private equity firm, has investments in a cross section of companies in analytics, HR and recruitment, and supply chain, among many others.
Qualys announced its new flagship product, Qualys VMDR, at RSA Conference 2020. According to the Qualys website, VMDR will be available after March 30, 2020.
There is a vulnerability in layer-2 Wi-Fi encryption called Kr00k (formally CVE-2019-15126 in the NIST National Vulnerability Database) affecting Broadcom and Cypress Semiconductor Wi-Fi devices.
Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.
Qualys’ newest product, VMDR (Vulnerability Management, Detection, and Response), will be available in March and will provide an all-in-one cloud-based solution for vulnerability management. VMDR will automate the entire management cycle on all endpoints.
Startup security vendor SECURITI.ai won “Most Innovative Startup” at the RSA Conference 2020 Innovation Sandbox Contest.