Yesterday's "Patch Tuesday" for Microsoft Windows included a "fix" promoted loudly through USG alligned media outlets that allegedly repairs X.509 "PKI" certificate validation in Microsoft's crypt32.dll (archived). The usual suspects are loudly herding Windows users to update in a way that strongly suggests geopolitical considerations may have pushed the USG.NSA to burn a number of their cultivated backdoors as they tend to do from time to time.
Past behavior of the actors involved suggests that as before, the patch is not going to be an actual fix so much as a subtle rekeying of the orfice. Serendipitously this patch was released immediately after Microsoft stopped issuing patches for Windows 7 creating an intense opportunity for Microsoft to collect "upgrade license" revenue with the endorsement of the USG "National Security" apparatus using the pitch that the USG already adopted the upgrade for its machines. The line between USG agency and USG "enterprise" continues become increasingly squishy.
The is the first time the USG.NSA has allowed itself to be explicitly named in Microsoft marketing materials as the contributor to a "fix" suggesting an ongoing marketing partnership between the two may be budding.