The US National Security Agency (NSA) has discovered and reported a bug to Microsoft. The vulnerability was tracked as CVE-2020-0601 and impacted Windows 10 and Windows Server systems. The NSA stated that this was the first time it decided to report and publicly disclose a security vulnerability pertaining to a software vendor.
Sources stated that this disclosure is the first of many as part of a new initiative at the NSA that aims to turn a new leaf in making more of the NSA’s vulnerability research public and available to major software vendors. This begins a new chapter in the NSA’s legacy, one in which the agency strives to alert the public to security flaws found in popular software.
Read More: NSA’s First Public Vulnerability Disclosure: An Effort to Build Trust