UPDATE 2 Microsoft’s January 2020 Patch Tuesday Fixes 49 Vulnerabilities; Using one flaw attackers could cause malware to appear as code-signed by legitimate companies, conduct man-in-the-middle attacks, and decrypt encrypted information over network connections. https://www.bleepingcomputer.com/news/microsoft/microsofts-january-2020-patch-tuesday-fixes-49-vulnerabilities/
UPDATE: National Security Agency Confirms Windows 10 Security Flaw ‘Makes Trust Vulnerable’ “If the NSA reported it,” security professional John Opdenakker says, “I think that the impact of the vulnerability being exploited is high. Until we have more information, we can’t say anything about the actual risk for the average user.” https://www.forbes.com/sites/daveywinder/2020/01/14/national-security-agency-confirms-windows-10-security-flaw-makes-trust-vulnerable/ You should put together a test computer with any proprietary software or non-off-the-shelf, mission essential software and test the patch first.
UPDATE: National Security Agency Confirms Windows 10 Security Flaw ‘Makes Trust Vulnerable’
“If the NSA reported it,” security professional John Opdenakker says, “I think that the impact of the vulnerability being exploited is high. Until we have more information, we can’t say anything about the actual risk for the average user.”
https://www.forbes.com/sites/daveywinder/2020/01/14/national-security-agency-confirms-windows-10-security-flaw-makes-trust-vulnerable/
January 14, 2020 – Microsoft MAY release a patch TODAY that is supposed to fix a huge security vulnerability. I am providing this notification because I recommend that only a test computer be patched, IF you are running non-off-the-shelf software. That is anything that you can’t buy at a store, like Office programs, etc. If you are using any proprietary software or software designed for your business systems, then you should ALWAYS test Microsoft patches before implementing them. This is a story by Brian Krebs, a leading #cybersecurity journalist. “Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog.” https://krebsonsecurity.com/2020/01/cryptic-rumblings-ahead-of-first-2020-patch-tuesday/