Cybersecurity
Security Agency Discovers Serious Flaw in Microsoft Windows

(Bloomberg) –The National Security Agency alerted Microsoft Corp. that it had found a vulnerability in Windows operating systems that could enable cyber intrusions, according to two people familiar with the matter.
The news comes hours before Microsoft is scheduled to release a security update, which is part of a company practice of disclosing newly found software vulnerabilities in hardware.
There isn’t an active cyber-attack, according to Microsoft.
Anne Neuberger, the NSA’s director of cybersecurity, has scheduled a press briefing on Tuesday, amid an agency push to be more transparent and friction between tech companies and the government in recent years over vulnerability disclosure.
The flaw lies in a part of Windows software known as Crypt32.dll, according to one of the people who requested anonymity because the information isn’t yet public. That file is used by the Windows and Windows Server operating systems — to implement “many of the Certificate and Cryptographic Messaging functions in the CryptoAPI, such as CryptSignMessage” — according to Microsoft. This means that the flaw could affect a broad range of users.
Microsoft has a policy of regularly releasing security updates on the second Tuesday of each month, and this update aligns with that schedule, according to a Monday statement by Jeff Jones, a Senior Director at the company.
“We follow the principles of coordinated vulnerability disclosure (CVD) as the industry best practice to protect our customers from reported security vulnerabilities,” Jones said in the statement. “To prevent unnecessary risk to customers, security researchers and vendors do not discuss the details of reported vulnerabilities before an update is available.”
News of the NSA’s discovery was previously reported by The Washington Post and Krebs on Security, a cybersecurity blog.
-
Banking & Finance2 months ago
Oman Arab Bank Announces Increase of Authorised Capital to RO500mn and Paid‑In Capital Boost of RO50mn
-
Bahrain2 months ago
SPIEF 2025 focused on global and regional economic processes, market transformation, new tech, investment climate, financial policy and people
-
Banking & Finance1 month ago
National Finance Reinforces Position as Partner for Growth, Offers a Comprehensive Product Suite to Support Customer Ambitions
-
OER Magazines2 months ago
OER, June 25
-
Energy1 month ago
Russian Energy Week from October 15-17, 2025 offers alternative formats of cooperation
-
Banking & Finance2 months ago
The Future of the International Financial System to be discussed at SPIEF 2025
-
Retail2 months ago
All services are moving toward personalisation says Tatyana Kim, Founder of Wildberries and Head of RWB
-
Alamaliktistaad Magazines2 months ago
Al-Iktisaad, June 25