Windows vulnerability patched: Information for the Miami community

Microsoft Corp. released an emergency software patch on Tuesday, Jan. 14, to correct a flaw in some versions of Windows. 

Miami University systems and devices will be protected from this security flaw by our regular cycle of Windows updates, but users running Windows operating systems (including Windows 10 and Windows Server) on their personal machines should ensure their software is updated. Microsoft published a list of the patches on its Security Update Guide.

Brian Krebs reports that the flaw, which was discovered by the National Security Agency (NSA), would allow malicious actors to spoof credentials on certain software programs, meaning it would allow malware to operate like legitimate software. What’s more, this could cause trouble for authentication on Windows desktops and servers and would have security implications for the protection of sensitive data on Microsoft internet browsers and third-party tools.

Thus far, there have been no reported instances of the vulnerability being exploited by malicious actors.