Microsoft (MSFT) - Get Report will issue a critical Windows 10 patch, possibly as early as Tuesday, after being alerted by the National Security Agency of a flaw in the operating system that could open the door to hackers.
The NSA reached out to the tech giant after discovering an error in the code used to verify the digital signatures, which are effectively a seal of approval the software is authentic, The Washington Post reported.
The flaw, in turn, could enable hackers to fake the digital signature and install spyware or ransomware on a computer. So far, Microsoft has found no signs that hackers have tried to exploit this software loophole, the Post reported, citing NSA officials.
The NSA's decision to alert Microsoft to the flaw - instead of using it for its own intelligence gathering purposes - is a departure from past practice.
The NSA came under fire previously for creating a hacking tool, Eternal Blue, out of another flaw that could be found in all of Microsoft's software programs, not just one, as with the case of the current issue with Windows 10. The spy agency exploited the hacking tool for five years, alerting Microsoft when it learned that hackers had seized upon the flaw to launch ransomware campaigns like WannaCry, according to the Washington Post.
Microsoft issued a patch for the software error in 2017.
The current flaw with the Windows 10 operating system is considered a less severe version of the error that gave rise to the WannaCry campaign, the Post reported.