Skip to main content
  1. Home
  2. Web
  3. News

NSA warns about Windows exploit, ignores its own role in creation of malware

By
Image used with permission by copyright holder

In a rare occurrence, the National Security Agency (NSA) has published a statement urging people to update their older Windows systems to protect against the BlueKeep vulnerability.

The NSA does not typically comment on cybersecurity vulnerabilities in commercial products, but the potential danger of the recently detailed exploit has lead it to make a statement.

Recommended Videos

“The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats,” the statement read. “We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact, and are seeking to motivate increased protections against this flaw.”

The concern over this particular exploit is that it is “wormable,” meaning that it can spread itself from one infected computer to others on the same network. This is a big threat to older machines on a shared network, such as a typical enterprise system, as well as older machines which are connected to the internet.

Although there has not been a worm using this exploit detected yet, both Microsoft and the NSA believe it is only a matter of time until one appears. “NSA is concerned that malicious cyber actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems,” the statement said.

The NSA also published an advisory on what steps system administrators should take to protect their networks against this vulnerability.

This is somewhat ironic given the NSA’s role in the creation of the very similar EternalBlue exploit which was recently used to hold the city of Baltimore’s computer systems for ransom. The NSA developed the EternalBlue attack software for its own use, but lost control of it when it was stolen by hackers in 2017. It then caused chaos around the world with the WannaCry and NotPetya cyber attacks. BlueKeep is similar enough to EternalBlue that Microsoft compared the two of them in its warning to users about the vulnerability.

The NSA has never formally acknowledged its role in the creation of malware, even though Microsoft itself pointed the finger at the NSA for the problems caused by “the stockpiling of vulnerabilities” and condemned it for allowing the malware to be stolen. “An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen,” Microsoft said.

Editors’ Recommendations

Topics
Georgina Torbet
Georgina Torbet
Space Writer
Georgina has been the space writer at Digital Trends space writer for six years, covering human space exploration, planetary…
How to change margins in Google Docs
Laptop Working from Home

When you create a document in Google Docs, you may need to adjust the space between the edge of the page and the content --- the margins. For instance, many professors have requirements for the margin sizes you must use for college papers.

You can easily change the left, right, top, and bottom margins in Google Docs and have a few different ways to do it.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more
Microsoft Word vs. Google Docs
A person using a laptop that displays various Microsoft Office apps.

For the last few decades, Microsoft Word has been the de facto standard for word processors across the working world. That's finally starting to shift, and it looks like one of Google's productivity apps is the heir apparent. The company's Google Docs solution (or to be specific, the integrated word processor) is cross-platform and interoperable, automatically syncs, is easily shareable, and perhaps best of all, is free.

However, using Google Docs proves it still has a long way to go before it can match all of Word's features -- Microsoft has been developing its word processor for over 30 years, after all, and millions still use Microsoft Word. Will Google Docs' low barrier to entry and cross-platform functionality win out? Let's break down each word processor in terms of features and capabilities to help you determine which is best for your needs.
How does each word processing program compare?
To put it lightly, Microsoft Word has an incredible advantage over Google Docs in terms of raw technical capability. From relatively humble beginnings in the 1980s, Microsoft has added new tools and options in each successive version. Most of the essential editing tools are available in Google Docs, but users who are used to Word will find it limited.

Read more