Microsoft ends Windows 7 support

Share

Microsoft has issued a patch for Windows 10 after it was revealed by a United States security agency to be a "serious vulnerability" that could affect millions of devices.

Why it matters: The flaw's seriousness made headlines, but it's just as notable that the National Security Agency alerted Microsoft to it.

He cited a tweet from Will Dormann, a security researcher who authors numerous vulnerability reports for the CERT Coordination Center (CERT-CC), after he had tweeted that "people should perhaps pay very close attention to installing tomorrow's Microsoft Patch Tuesday updates in a timely manner".

Keep an eye out on your Tuesday patches, and apply them.

Edge for Mac has been created to be similar to the Edge experience on Windows, but Microsoft has added optimizations to make it feel more Mac-like.

While it's possible to install Windows 10 on your older device, Microsoft said it's "not recommended" for computers older than three years as newer PC hardware is faster, more capable, and more compatible with the latest industry technology.

Microsoft hasn't identified any mitigation factors or workarounds for this vulnerability, and has classified the flaw as "exploitation more likely".

Name for new foldable Samsung possibly Galaxy Z Flip
While a bigger battery means you'll be able to use the device longer, it also suggests the device will be more powerful overall. Something not coming to the Galaxy S20 , at least according to XDA Developers , is a headphone jack.

Microsoft said it has not seen any evidence that hackers have used the technique discovered by the NSA. United States companies are more likely to move on. Or, if you can stay on top of things by manually heading to Settings Update & Security Microsoft Update to check. ZDNet, for example, estimates there are around 200 million Windows 7 PCs, while Computer World's number crunching led to an estimate of there being 446 million Windows 7 systems by the end of the month (two months after the OS is retired).

"The concern is that as soon as the vulnerability is known about in detail, exploits will be produced and the laggards who don't patch will be prime targets".

Another expert also pointed out that this flaw should be prioritised by all system administrators.

The patches address the vulnerability CVE-2020-0601 in the usermode cryptographic library, CRYPT32.DLL, that affects Windows 10, Windows Seerver 2016 and Server 2019 systems.

"A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software", Microsoft also said.

Despite this, the potential impact of the vulnerability was so bad the NSA was forced to disclose it to Microsoft, instead of using it for their own purposes.

Share