Windows

Windows 10 receives a cumulative update for versions 1903 and 1909 that fixes a threat discovered by the NSA

2024
Windows 10 receives a cumulative update for versions 1903 and 1909 that fixes a threat discovered by the NSA

Table of contents:

Anonim
"

A few hours ago Microsoft released two new cumulative updates bundled in this month&39;s Pah Tuesday. Two builds for Windows 10 in its May 2019 Update and November 2019 Update versions that can already be downloaded to computers that have one of them installed. "

The last two versions of the Microsoft operating system receive the Build with the number 18362.592 in the case of computers with Windows 10 May 2019 Update and the numbered as 18363.592 for those that are working on the November 2019 Update version.

Fixing a major threat

We can go to Windows Update we will find them as KB4528760. And when it comes to analyzing what's new, both cumulatives contain improvements and bug fixes. They arrive focused on improving security and in this sense it should be noted that correct the threat that could take advantage of Windows CryptoAPI (Crypt32.dll)

This is an important spoofing vulnerability in the way that Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. A security breach that can an attacker be able to intercept sensitive information about user connections ('man-in-the-middle' attacks) or can use to sign a malicious executable, making it look like the file came from a trusted source.

As reported on ZDNet, this is a vulnerability discovered by the National Security Agency of the United States (NSA) that only affects operating system versions Windows 10, Windows Server 2019, and Windows Server 2016 and has not been exploited at this time.

But along with this important addition, there are also other improvements that we are going to review now:

  • Adds an update for Microsoft HoloLens (18362.1044).
  • This build adds improvements for the Windows Applications Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cryptography, Windows Storage and File System, Microsoft Scripting Engine, and Windows Server.
  • Fixed a major phishing vulnerability discovered by the NSA in the way CryptoAPI (Crypt32.dll) validated Elliptic Curve Cryptography (ECC) certificates.
"

You can read the full list on the Microsoft support website. You can get the update by going to Windows Settings by pressing the Windows key + I and in the Update and security section click on Check for updates"

Windows

Editor's choice

Is HTC losing interest in Windows Phone?

Is HTC losing interest in Windows Phone?

2024
Samsung Ativ Q

Samsung Ativ Q

2024
Images of what could be the new Nokia Lumia EOS

Images of what could be the new Nokia Lumia EOS

2024
Build 2013 devices: waiting for manufacturers

Build 2013 devices: waiting for manufacturers

2024
Back to top button