Specifically, the National Security Agency was the first one to identify a set of critical vulnerabilities in many of Microsoft Windows and Windows Server's versions. Microsoft from its side, recently published software updates to face those vulnerabilities.
The first vulnerability observed, impacts all machines using Windows 10 operating systems, involving Windows Server 2016. Meaning that an attacker could access in trusted identifies - individuals, web sites, software companies, service providers, or others.
By using a forged certificate, the attacker could enter to vulnerable systems, sending a spiteful executable file. With the file appearing to be from a trusted provider and a digital signature on it, the user could not realize its nasty purposes.
Another vulnerabilities could further impact the RD Gateway Server in versions of Windows Server 2012 and newer. Namely, the server vulnerabilities do not require authentication or user interaction and can be exploited by a specially crafted request.
New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date. Timely patching is one of the most efficient and cost-effective steps an organization can take to minimize its exposure to cybersecurity threats.
...said Cybersecurity and Infrastructure Security Agency (CISA).
In light of the cyber threats situation which affects the maritime industry, the Coast Guard strongly urges stakeholders in the maritime community to install these updates as soon as possible.