NSA Hacks Microsoft Windows Error Messages


The NSA intercepts information you send to Microsoft when a program crashes.

Each time a Microsoft program crashes and asks the users to send information to Microsoft concerning bugs, the NSA’s Tailored Access Operations (TAO) unit intercepts data. Once TAO selects a unique identifier, such as an IP address, to target, intelligence agents are notified each time the user sends an error report to Microsoft, Der Spiegel reports.

The interception is only a way to gain “passive access” to the machine, but it also provides information of possible security holes, which could then be manipulated to implement malware or spyware. According to Der Spiegel, the TAO agents of NSA have also replaced the text of the Microsoft error with text of their own, removing “We have created an error report that you can send to help us improve Microsoft Windows. We will treat this report as confidential and anonymous” and inserting “This information may be intercepted by a foreign SIGINT system to gather detailed information and better exploit your machine.” (SIGINT is an abbreviation for “signals intelligence.”)

“Microsoft does not provide any government with direct or unfettered access to our customers’ data,” Microsoft said in a statement. “We would have significant concerns if allegations about government actions are true.”

The NSA has likely examined the sites you’ve visited. Even worse, if you use Internet Explorer, the jobs of NSA intelligence agents becomes even easier because the browser has many security holes that the NSA targets. The NSA has also listed Facebook, Yahoo, Twitter, and YouTube as targets in an internal presentation – which Der Spiegel viewed – called “QUANTUM CAPABILITIES.” So far it has had the most success against Yahoo, Facebook, and static IP addresses. The presentation noted its toolbox known as “QUANTUMTHEORY” has been unsuccessful in targeting Google services; however, Britain’s GCHQ intelligence service has been able to spy on Google.

US intelligence services plan to infiltrate 85,000 computers worldwide next year.

Source: Der Spiegel via CNBC

About the author