NSA Shares Vulnerability Discovered In Microsoft Windows 10 And Server Platforms

Exploit Bypasses Trust Validation Process; Patch Released

NSA Discovers Vulnerability

The U.S. National Security Agency (NSA) took the unusual step of disclosing a vulnerability it discovered in the Microsoft Windows 10 and Windows Server 2016/2019 software environments. Microsoft has contemporaneously released a patch to address the concern.

A critical vulnerability (known as CVE-2020-0601) was identified in the cryptographic functionality of the Windows platform.

According to the NSA brief, the certificate validation vulnerability allows an attacker to undermine how Windows verifies cryptographic trust and can enable remote code execution. The vulnerability affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality.

Exploitation of the vulnerability allows attackers to defeat trusted network connections and deliver executable code while appearing as legitimately trusted entities. Examples where validation of trust may be impacted include HTTPS connections, signed files and emails, and signed executable code launched as user-mode processes.

The signing process is like a stamp of approval within the Windows trust environment. This vulnerability throws signing into doubt. Fortunately, Microsoft has a patch for the affected platforms.


Windows: The De Facto Standard For Enterprise OS

Windows is without doubt a dominant OS platform for the enterprise, and the number of organizations impacted by this vulnerability is significant. In September 2019, Microsoft Corporate Vice President of Modern Life & Devices Yusuf Mehdi revealed the size of its installed base. “#Windows10 is on more than 900M devices! Thanks to our customers, we added more new Windows 10 devices in the last 12 months than ever before,” Mehdi tweeted.

During Fall 2018, Microsoft officials said that more than half of all Windows enterprise devices were running Windows 10, with the other half running some older version of Windows, primarily Windows 7. With the sunset now concluding on support for Windows 7, organizations have been working diligently to migrate to the Windows 10 environment.


A New Chapter For NSA Handling Of Cyber Vulnerabilities

On a call with media, Anne Neuberger, head of the NSA's Cybersecurity Directorate, said, “[We are] recommending that network owners expedite implementation of the patch immediately as we will also be doing. When we identified a broad cryptographic vulnerability like this we quickly turned to work with the company to ensure that they could mitigate it.”

In 2017, a Windows vulnerability known to the NSA was not disclosed upfront, and the agency is known to have exploited it for as many as five years. The tool developed for the exploit, known as EternalBlue, was leaked by a hacker group and became widely adopted by individuals and nation-states to attack unpatched Windows systems.

The NSA faced further criticism over the years for its practice of hoarding vulnerabilities for its own exploitation. Most security researchers reach out to vendors and developers so issues can be fixed. The timely disclosure of this vulnerability is part of the agency’s effort to share security incidents without itself exploiting the weakness first for intelligence purposes.


