National Security Agency discovers major security flaw in Microsoft’s Windows

The National Security Agency has discovered a major security flaw in Microsoft’s Windows operating system and tipped off the company rather than exploit it for its own intelligence needs. Microsoft made a software patch to fix it available Tuesday and credited the agency for discovering the flaw. The company said it has not seen any evidence that hackers have used the technique discovered by the NSA. “Customers who have already applied the update, or have automatic updates enabled, are already protected,“ Jeff Jones, a senior director at Microsoft, said in a statement.

Others are able to get the free update manually. Microsoft typically releases security and other updates once a month and waited until Tuesday to disclose the flaw and the NSA’s involvement. Priscilla Moriuchi, who retired from the NSA in 2017 after running its East Asia and Pacific operations, said this is a good example of the “constructive role” that the NSA can play in improving global information security.