Patch to fix major security flaw in Windows isn't working - here's what to do

It’s not too often our intelligence services step into consumer affairs. Organizations like the CIA and NSA like to remain in the background — it’s how they catch spies and terrorists. But when a security flaw is dangerous enough, the equation changes.

For example, the NSA previously spoke out about an urgent Windows update that stopped BlueKeep, a dangerous security exploit that could let hackers take over computers worldwide. Tap or click to find out how bad this bug really was. And now, a new bug has prompted the NSA to urge Windows users to update immediately.

This patch fixes a critical flaw that affects 900 million devices. If unaddressed, your computer can be duped into thinking viruses are ordinary files. Unfortunately, the update didn’t roll out as smoothly as expected. But in true Microsoft fashion, the fix has a fix of its own. Here’s how you can safely update your PC.

Update your Windows 10 system immediately!

This week, Microsoft released a patch for a critical windows vulnerability with help from none other than the NSA. The announcement on the organization’s webpage explains the NSA discovered a dangerous flaw in Windows 10 that allows malware to masquerade as ordinary software.

Hackers can take advantage of the flaw, thanks to an issue with a part of Windows called CryptoAPI. This system component checks apps and programs for “developer signatures” that prove they come from trusted sources.

By exploiting the flaw, a hacker could spoof a piece of malware to make it look like a normal program. This would allow them to quietly and dangerously infect computers without users ever being aware something is wrong.

Related: Nearly 800 million Windows computers at risk

This fix was quietly shipped to users as part of Microsoft’s routine patching program, and is also available as a standard download via Windows Update. Unlike others before, this patch is the first in history to be credited to the NSA by Microsoft. A real-life spy organization is helping us make our computers safer.

Fixing the fix

Unfortunately, like several of Microsoft’s other fixes, the rollout didn’t quite go as planned. Upon downloading, users would be greeted by a variety of system errors, some of which include the following:

“We could not complete the install because an update service was shutting down”

Continue reading

What to do if a drone spies on you

Open/download audio

Ever had the feeling someone’s watching, even in your own backyard? You might be surprised by what’s flying under the radar.

👨‍💻 North Korea strikes again: I’ve told you about this before. Now, we’re hearing reports EV maker Fisker hired a remote employee who funneled money back to North Korea’s missile program. The spy used an Arizona address tied to a woman hired to run a laptop farm for IT workers who needed a U.S. address. In total, she moved $6.8 million to North Korea. Isn’t it nuts that a 6-foot overweight man with a goofy haircut scares the heck out of everyone?

Hackers are selling old routers to spies

Open/download audio

They’re using these routers for denial-of-service (DoS) attacks and spamming inboxes. Meanwhile, a man’s been cyberstalked by a former roommate — nightmare stuff. Plus, Microsoft got hacked, and OpenAI is launching a search engine.

Stop phone snoops

Open/download audio

What percentage of Americans routinely spies on their partners’ phones, checks their texts, and looks at their location history? You’ll be surprised at the answer. Plus, I’ll show you how to tell if you’re being spied on.

Spies want in on your router

Open/download audio

Is yours at risk? Hackers’ new side hustle is charging Chinese and Russian spies and scammers for access to old home routers so they can launch denial-of-service (DoS) attacks. Plus, Google blocks romance writer, worst airlines for luggage, and Microsoft gets hacked.

Cybercriminals and spies targeting routers: Hackers’ new side hustle is charging Chinese and Russian spies and scammers for access to old routers so they can launch denial-of-service (DoS) attacks or send scammy spam emails. If your device is more than three years old, it’s time to upgrade.

Santa's bag is full of spies

Open/download audio

Holiday shopping’s kicked off, with tech gadgets leading the wish lists. But there’s a catch — each comes with a privacy warning worth your attention.