Microsoft has rolled out a security fix for Windows 10 after the US National Security Agency (NSA) alerted them about a major flaw in Windows 10 operating system. NSA earlier discovered a serious security vulnerability which includes handling of certificate and cryptographic messaging functions in Windows 10 that can be used by hackers.

“Attackers can use malicious code to trick users by pretending it as genuine software”. Anne Neuberger, the cybersecurity director of NSA told this to media in a briefing call. If the issue is left unattended then this bug will create a problem for Windows 10 by invalidating the software that machine runs. NSA suggested earlier to Microsoft that they should immediately patch systems that host the domains like, VPN servers or DNS servers. Finally, Microsoft considered this and released a security patch earlier this week. This issue was first exposed by freelance security reporter Brian Krebs.

Windows 10 Security Patch

Let us help you to make your PC safe for any vulnerabilities. Get Windows tech support now or call us at 1.888.274.5606 for immediate response.

 The bug was expected to make millions of computers worldwide using Windows 10 vulnerable to attacks, affecting a decade-old Windows cryptographic component, CryptoAPI. This component allows developers to digitally sign their software making it a legitimate one. So, if this component gets tempered by attackers, it can make it easier for them to run malicious software on a vulnerable computer.

windows 10 malware attack

Microsoft said earlier, “The user would have no way of knowing the file was malicious because the digital signature would appear to be from a trusted provider.” 

CERT-CC, the vulnerability disclosure center at Carnegie Mellon University issued an advisory that the bug can also be used to stop and modify HTTPS (or TLS) protocols.

Though, Microsoft made it clear by saying that it didn’t found any evidence that this bug was actively found or misused by hackers.