GCHQ arm reports critical bugs in Windows 10 to Microsoft instead of exploiting them


While the NSA’s conduct in recent times has led to a belief that spy agencies can only create malware or hack citizens’ devices, GCHQ has set a positive example by discovering critical security bugs in Windows 10 and reporting them to Microsoft.

Two critical bugs in Windows 10 Defender that were discovered by the GCHQ allowed hackers to take full control over a victim’s computer and install malicious software.

Microsoft recently released an urgent security patch that it said would plug two critical security flaws in Windows 10 that allowed attackers to conduct remote code execution and take over victims’ computers.

Tracked as CVE-2017-11937 and CVE-2017-11940, the two bugs were found in the Microsoft Malware Protection Engine, an essential feature of Windows Defender, Microsoft’s proprietary antivirus software, which is installed automatically on Windows 10 machines.

‘The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,’ said Microsoft.

The bugs were first identified by the National Cyber Security Centre, which is an arm of GCHQ. According to Microsoft, since the bugs were identified quickly, hackers didn’t get the opportunity to exploit them.

The discovery and subsequent patching of the two critical bugs may redeem the image of the GCHQ in the eyes of UK citizens who are quite concerned about the fact that security agencies ‘can, and will, listen to or watch them via their smart televisions and other smart devices’.

In October, it came to light that the Investigatory Powers Tribunal (IPT) was hearing arguments on how domestic intelligence agencies like MI5 and MI6 (both components of GCHQ) were processing bulk data belonging to citizens and sharing it with others without following legal safeguards.

According to Privacy International, bulk personal datasets collected and monitored by MI5 and MI6 contain highly sensitive content about citizens. These include their activities on social media and online dating sites, and leave almost nothing to the agencies’ imagination.

“Such datasets are very intrusive. They contain information that goes right to the core of an individual’s private life,” said Ben Jaffey QC who represented Privacy International.

‘The risks associated with these activities are painfully obvious. We are pleased the Investigatory Powers Commissioner’s Office is keen to look at these activities as a matter of urgency and the report is publicly available in the near future,’ said Millie Graham Wood, a solicitor at Privacy International, to The Guardian.

Copyright Lyonsdown Limited 2021
