'This is the type of [vulnerability] I am sure the [NSA hackers] would have loved to use for years to come'.
Microsoft's scheduled security update for Windows includes a fix to a potentially risky bug that would allow an attacker to spoof a certificate, making it look like it came from a trusted source.
The U.S. intelligence agency has historically opted to weaponize vulnerabilities discovered in a vendor's software for offensive purposes, mostly notably when it exploited a Microsoft flaw for more than a half-decade by creating a hacking tool called Eternal Blue.
According to the security-centric blog: "Sources tell KrebsOnSecurity that Microsoft Corp.is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows". Even the Windows 10 had to wait for almost 4 years before it could surpass the market share of Windows 7. On the plus side, Microsoft has said it will continue pushing out definition updates to MSE (Microsoft Security Essentials) on Windows 7 PCs.
It can hardly have escaped your attention that yesterday was the day Microsoft stopped supporting Windows 7.
That's not a cheap ask, given that Windows 10 Home edition costs £119.99 for a single license, which is valid for one PC. For most users, switching browsers isn't a casual thing, after all.
Meanwhile, those unable to migrate workloads to the cloud are instead advised to move to Microsoft's Windows Server 2019, which carries hybrid capabilities to integrate with Azure, plus Kubernetes support for Windows containers. "We will be able to say more once the patch will be released".
The UK Government Communications Headquarters (GCHQ) has warned people not to use Windows 7 to do internet banking or use e-mails from computers with Windows 7 from Tuesday 14th January. "The notification will remain on the screen until you interact with it", Microsoft says.
If successful, an attacker could then conduct man-in-the-middle attacks and decrypt confidential information, or run malware even in environments using app whitelisting.
Bennett gets Black Caps recall
Skipper Kane Williamson has also returned to the T20I squad after missing the series against England in November past year . With that, he is also clever with his variations and that is what makes him a well-round T20 bowler in the squad.