Windows 10 Security Flaw Might Get You Rickrolled (Or Worse)

Windows 10 Security Flaw Might Get You Rickrolled (Or Worse)


A major Windows 10 security flaw has left US intelligence agency, the NSA, and software development, GitHub, rickroll’d by a cybersecurity researcher. It’s a good laugh but it also highlights how serious the security alert is and works as a reminder to any Australians who haven’t already installed the security patch.


Stop What You're Doing And Update Windows Right Now

The U.S. National Security Agency disclosed a major vulnerability in the latest version of Windows 10 and Windows Server 2016 to Microsoft, which released a fix for the issue on Tuesday, the MIT Technology Review reported.

Read more

U.K. cybersecurity researcher, Saleem Rashid, posted a screenshot to Twitter claiming he’d successfully rickroll’d Microsoft’s GitHub as well as the NSA on the Edge browser using a Windows 10 security revealed on January 15, 2020.

The major vulnerability itself was reported by the NSA after it had alerted Microsoft of the existence of CVE-2020-0601, claiming it could trick programs into accepting falsified trust certificates allowing for them to download malware, ransomware or in Rashid’s case, rickrolling. The example shows it can supposedly spoof users into thinking they’re on verified sites.

The vulnerability, according to the NSA, affects all Windows 10 and Windows Server 2016/2019 users as well as any applications that rely on Windows for trust functionality.

Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) also issued an advisory on January 15 urging businesses, and Australians more generally, to patch their systems immediately.

“[The vulnerability] could allow an adversary to spoof a code-signing or TLS certificate and have it appear as valid, in addition this vulnerability may allow remote code execution,” the ACSC said on its page.

“The ACSC recommends that users of these products apply patches urgently to prevent malicious actors from using these vulnerabilities to compromise your network.”

Make sure you’ve got the latest patch by heading to Microsoft 10’s advisory page and downloading the relevant security patch for your OS. Getting rickroll’d would be the least of your problems if you don’t.

The Australian Government Spent $8.7 Million To Run Windows 7 For Another Year

Windows 7 may be dead for the rest of the world but for two Australian government departments, it's alive and well for at least another year.

Read more