Nsa Discovered Crucial Windows Vulnerability and Told MicrosoftByBill Toulas-January 15, 2020. Microsoft released the fixing patches today so it is recommended that all Windows users install them immediately. In the past, the Nsa (National Security Agency) discovered a big flawhas that were rumoredspying operations. So this is an incident that indicates a change in how security matters are treated by the Nsa though it could be just a flare. That’s a very important issue. Everyone should patch Asap for the 2016 Win10/Win. Just don’t wait! Even big kudos for Microsoft to voluntarily report to Nsa. This is the kind of weakness that I’m sure the offensive side would have liked to use for years to come Dmitri Alperovitch (@Dalperovitch) January 14, 2020 Other important vulnerabilities discussed in this patch are: Cve-2020-0603 Cve-2020-0605 Cve-2020-0606 and Cve-2020-0646 Four remote code execution bugs in the core software. Net and Asp. Net. Cve-2020-0609 and Cve-2020-0610 Bugs in remote execution of code in Windows Remote Desktop Protocol Gateway Server Cve-2020-0611 Inability to execute remote code on the Windows Remote Desktop Protocol application. Cve-2020-0640 Vulnerability of memory leakage in Internet Explorer web browser. As for what industry experts have to say about Nsa’s decision to share their discovery with Microsoft, here’s what Vectra’s Chris Morales tells us: “Nsa may have disclosed this flaw to Ms because there was fear that others would find this vulnerability themselves, and it was dangerous enough to warrant remediation rather than armament. Or it could just be that the Nsa already has enough other strategies to compromise a Windows system and doesn’t need it. “Digital Shadows vice president Rick Holland thinks:” It would be a mistake to think Nsa is changing direction. They will continue to stockpile zero-days and use them as necessary to achieve their goals. “