There’s a report out of a new vulnerability in Windows. That alone isn’t particularly significant. There are, however, two interesting and scary things about the malware that exploited this flaw.
First, the code included two drivers that were digitally signed by a reputable company, Realtek. That is, the source of the code was strongly identified. Perhaps such schemes aren’t that helpful as a security measure.
So — we have a 0-day attack that has bypassed a crucial authentication scheme to do really dangerous things to critical infrastructure, and it’s in the wild. That’s scary.