How NSA access was built into Windows


 Share

Recommended Posts

+Mirumir

NSA Built Back Door In All Windows Software by 1999

 

Government Built Spy-Access Into Most Popular Consumer Program Before 9/11

 

In researching the stunning pervasiveness of spying by the government (it?s much more wide spread than you?ve heard even now), we ran across the fact that the FBI wants software programmers to install a backdoor in all software.

 

Digging a little further, we found a 1999 article by leading European computer publication Heise which noted that the NSA had already built a backdoor into all Windows software:

 
 
Duncan Campbell 04.09.1999

 

A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

 

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

 

Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:\Windows\system directory of your computer.

 

ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run cryptographic functions that the US governments allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.

 

Dr Nicko van Someren reported at last year's Crypto 98 conference that he had disassembled the ADVADPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery.

 

A second key

 

Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY". The other was called "NSAKEY".

 

Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny that the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.

 

A third key?!

 

But according to two witnesses attending the conference, even Microsoft's top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the "entropy" of programming code.

 

Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.

 

Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone's and everyone's Windows computer to intelligence gathering techniques deployed by NSA's burgeoning corps of "information warriors".

 

According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.

 

"For non-American IT managers relying on Windows NT to operate highly secure data centres, this find is worrying", he added. "The US government is currently making it as difficult as possible for "strong" crypto to be used outside of the US.

 

That they have also installed a cryptographic back-door in the world's most abundant operating system should send a strong message to foreign IT managers".

 

"How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has a 'back door' for NSA - making it orders of magnitude easier for the US government to access your computer?" he asked.

 

Can the loophole be turned round against the snoopers?

 

Dr van Someren feels that the primary purpose of the NSA key inside Windows may be for legitimate US government use. But he says that there cannot be a legitimate explanation for the third key in Windows 2000 CAPI. "It looks more fishy", he said.

 

Fernandez believes that NSA's built-in loophole can be turned round against the snoopers. The NSA key inside CAPI can be replaced by your own key, and used to sign cryptographic security modules from overseas or unauthorised third parties, unapproved by Microsoft or the NSA. This is exactly what the US government has been trying to prevent. A demonstration "how to do it" program that replaces the NSA key can be found on Cryptonym's website.

 

According to one leading US cryptographer, the IT world should be thankful that the subversion of Windows by NSA has come to light before the arrival of CPUs that handles encrypted instruction sets. These would make the type of discoveries made this month impossible. "Had the next-generation CPU's with encrypted instruction sets already been deployed, we would have never found out about NSAKEY."

Link to post
Share on other sites

srbeen

zip link is dead, well, only the 'special' are permitted to view... http://www.cryptonym.com/ Would sure love to change my key and become the NSA of my friends... Bravo MS!

 

Any reports on how OSX or any versions of BSD or linux are bugged? I can only presume Apple and Ubuntu are also targets.

Link to post
Share on other sites

Steven P.

It was already widely known back then that there was a NSA key in Windows 98.

  • Like 4
Link to post
Share on other sites

Mohitster

Not sure if serious  :o

Link to post
Share on other sites

+DonC

Look.  I don't like the secrecy around the NSA and GCHQ's processes either but this story is sensationalist claptrap.  This story reads as if the NSA and some other organisation has the ability to remotely access Windows PCs!

 

Yes, there are alternative keys for loading cryptographic modules into Windows but they are not backdoors.  You still need to install them with administrative privileges.  At the point this happens, you've already given access to your computer away no matter how the software persists.  There are plenty of places in Windows that you could install something to snoop on or modify the experience for users: the driver system being the most obvious to me.  If you're worried about HTTPS snooping in particular then you should realise that tools like Fiddler 2 can do this without magic crypto modules.

 

As for somehow turning this "backdoor" around, you should note that if you're in a position to change the NSAKEY or the third key then you're also in a position to change the first key.  At this point you could re-sign the typical cryptographic modules as well as foreign code with your own private key.  You gain nothing from the existence of the NSAKEY or the third.

 

The fact that the keys are separate tells me that Microsoft were unwilling to let the NSA have access to their private key.

  • Like 1
Link to post
Share on other sites

Osiris

Despite the recent revelations I just don't buy that this was ever the case, with alll the governments, with all the users, and especially with all the people that hate windows, if any of them found that in the software they would be screamiing it fromt heir lungs and posting the proof everywhere.  Microsoft also would have had far too much to lose (as they were basically the only OS provider, no one else was getting roped in with them unlike the current matter) not to mention there was and still is no lehal basis for such a move and not withstanding that such a backdoor would likely break laws in some of the countries MS Windows is sold in.

 

Yes, that is different to now because the target of the current issue is around their carriage services - not the product - just about all our countries have laws surrounding the lawful use of carriage services (no I am not defending the invasion of our privacy but rather just because that is happening doesn't mean this happened).

Link to post
Share on other sites

neufuse

Oh good gawd, this isn't what you think it is...... btw.. if you have RSA encryption, you know this was developed by the NSA right?..... lets start a trapdoor thing about that also!!!!! oh wait we already have....

Link to post
Share on other sites

JonnyLH

If the NSA was getting into your machine since '98 I'm pretty sure someone would of picked it up on the many years of constant wiresharking.

 

/thread

  • Like 3
Link to post
Share on other sites

neufuse

You guys do know if they where to put a hidden key.... they wouldn't call it NSAKEY! you know NSA does not stand for national security agency...... it was at the time meaning Name Space Assembly Key... had a completely different purpose then the tin foil hatters want you to think.... but lets just ignore all the development documentation on windows back in the 90's and name it some big conspiracy

  • Like 1
Link to post
Share on other sites

+Dick Montage

Well that was a whole bunch of misunderstandings, conspiracy theories and conjecture wrapped around something that was already widely know and moreover publicly stated.

 

Still, makes for a nice headline...

  • Like 4
Link to post
Share on other sites

TPreston

If the NSA was getting into your machine since '98 I'm pretty sure someone would of picked it up on the many years of constant wiresharking.

 

/thread

Don't forget process monitor and network firewalls, And what about all those people on slow wan links wouldn't they notice it ?

Link to post
Share on other sites

123456789A

I guess I'm immune to this since I'm running Windows for Workgroups.

  • Like 7
Link to post
Share on other sites

+warwagon

What was the name of that funny registry key from long ago.... was it nsakey?

Link to post
Share on other sites

Hum

That explains why my UFO photos disappeared ! :ninja:

Link to post
Share on other sites

AnotherITguy

oh noes, zey know everaything... picks up his tin foil hat.... lolz

Link to post
Share on other sites

Growled

Of course there is a NSA key in Windows. They'd be crazy not to put one in it.

Link to post
Share on other sites

Silpheed2K

Don't forget process monitor and network firewalls, And what about all those people on slow wan links wouldn't they notice it ?

You can actually hide stuff from process monitor. Good malware writers know this.
Link to post
Share on other sites

thomastmc

Any articles from last decade? Or, better yet, this decade?

 

Forget about encryption, if they wanted a real backdoor to any system and it was built from the lab into all RTM and retail copies that left MS, no one except those developers would ever know it was there. It would lay dormant until activated over the net or locally by an NSA agent. If it's ever needed it's activated and then loses much of it's stealth, but unless you know what you're looking for and how to look for it, it would be almost impossible to detect because it would use the OS's internal mechanisms legitimately to disguise it's activity. It wouldn't be "malware", or a rootkit, it would be a kernel level legitimate function of the system, designed to work with the system as any other legitimate mechanism does. It might even be wrapped by a legitimate and benign piece of the standard system.

 

It would probably also communicate through a protocol that is hidden intentionally on the network, by other additions by the NSA into software, such as routers. You'd probably have to write special code to even have a chance of finding it, and you'd have to know what you're looking for to write the code. Chicken and the egg. Then you'd still have to get the NSA to activate the backdoor on a system you're testing. By the time even someone educated and paranoid (or curious) enough found what they were looking for, it'd be too late, at least for them.

Link to post
Share on other sites

JonnyLH

Any articles from last decade? Or, better yet, this decade?

 

Forget about encryption, if they wanted a real backdoor to any system and it was built from the lab into all RTM and retail copies that left MS, no one except those developers would ever know it was there. It would lay dormant until activated over the net or locally by an NSA agent. If it's ever needed it's activated and then loses much of it's stealth, but unless you know what you're looking for and how to look for it, it would be almost impossible to detect because it would use the OS's internal mechanisms legitimately to disguise it's activity. It wouldn't be "malware", or a rootkit, it would be a kernel level legitimate function of the system, designed to work with the system as any other legitimate mechanism does. It might even be wrapped by a legitimate and benign piece of the standard system.

 

It would probably also communicate through a protocol that is hidden intentionally on the network, by other additions by the NSA into software, such as routers. You'd probably have to write special code to even have a chance of finding it, and you'd have to know what you're looking for to write the code. Chicken and the egg. Then you'd still have to get the NSA to activate the backdoor on a system you're testing. By the time even someone educated and paranoid (or curious) enough found what they were looking for, it'd be too late, at least for them.

Hows the tin foil hat?

Link to post
Share on other sites

REM2000

Hows the tin foil hat?

 

yeah it's not like the NSA has been caught accessing information from all major cloud providers... oh wait

 

It's pretty obvious that Windows has had a back door for use by government organisations, i wouldn't be surprised if MacOSX had it too. Oh course they are not going to be using it all the time, however i can imagine some kind of remote execution ability. Linux and Open source in general i would be more surprised about as it would be a lot easier to discover this through open source.

 

However it's worth taking stock, we know that government agencies have had access to cloud services, a few years ago it was proven that BlackBerry has done the same for it's messaging systems

 

http://www.guardian.co.uk/technology/2010/nov/17/india-blackberry-monitored-emails

 

It's the way of the world, it would be nice if governments were a little more transparent and i hope people continue to fight for freedoms of information, but this kind of stuff has been going on for centuries with governments intercepting, phone calls, letters, telegrams etc.. The only difference is that with each passing year it's getting easier and easier to collect more and more information.

  • Like 1
Link to post
Share on other sites

JonnyLH

yeah it's not like the NSA has been caught accessing information from all major cloud providers... oh wait

 

It's pretty obvious that Windows has had a back door for use by government organisations, i wouldn't be surprised if MacOSX had it too. Oh course they are not going to be using it all the time, however i can imagine some kind of remote execution ability. Linux and Open source in general i would be more surprised about as it would be a lot easier to discover this through open source.

 

However it's worth taking stock, we know that government agencies have had access to cloud services, a few years ago it was proven that BlackBerry has done the same for it's messaging systems

 

http://www.guardian.co.uk/technology/2010/nov/17/india-blackberry-monitored-emails

 

It's the way of the world, it would be nice if governments were a little more transparent and i hope people continue to fight for freedoms of information, but this kind of stuff has been going on for centuries with governments intercepting, phone calls, letters, telegrams etc.. The only difference is that with each passing year it's getting easier and easier to collect more and more information.

To protect National Security? Do you condone events like Boston or a possible terrorist threat on the Olympics? 

 

The people which create these programs are normal people, they're doing it to protect national security not to see what porn people are watching. If there was a backdoor to any software system, it would of been found by now. You'd be able to spot it a mile off. Another point is, who's computer here actually has a public IP address? If not, you're sitting behind a NAT which will not let any un-prompted connections incoming unless the client initialized it. So a backdoor wouldn't even work in todays Internet.

 

So once again, hows the tinfoil hat?

Link to post
Share on other sites

+Dick Montage

Do you condone events like Boston

Oh dear.  You just threw your entire argument out of the window with that one ridiculous yet (hopefully) rhetorical question.

  • Like 1
Link to post
Share on other sites

JonnyLH

Oh dear.  You just threw your entire argument out of the window with that one ridiculous yet (hopefully) rhetorical question.

Condoning a system which supports national security is indirectly related to events like this. Stop being so up-tight.

Link to post
Share on other sites

+Dick Montage

Stop being so up-tight.

Accusations of me being "up-tight" do not help your argument.

Link to post
Share on other sites

thomastmc

A possible terrorist threat on the Olympics?

 

Oh my gosh, you're so paranoid. How's the tin foil flack jacket? (That game can be played both ways. Don't dismiss what I said as if I'm paranoid. I was just stating what is possible, as you just did).

 

If there was a backdoor to any software system, it would of been found by now. You'd be able to spot it a mile off. Another point is, who's computer here actually has a public IP address? If not, you're sitting behind a NAT which will not let any un-prompted connections incoming unless the client initialized it. So a backdoor wouldn't even work in todays Internet.

 

So once again, hows the tinfoil hat?

 

You don't know what you're talking about, by the way.

  • Like 1
Link to post
Share on other sites

This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By zikalify
      Microsoft announces the general availability of Windows 365
      by Paul Hill

      Microsoft has announced that Windows 365 is now available to business and enterprise customers. The service was announced in July following a year of rumours at its Inspire conference. Currently, Windows 365 offers customers a new way to experience Windows 10 but it will soon offer Windows 11 when it becomes available later in the year.

      With this new service, Windows is hosted on Microsoft Cloud and customers can securely stream the full Windows experience, including their apps, data, and settings, to personal and corporate devices. With faster and more ubiquitous internet connections, hosting an operating system in the cloud and streaming it is finally feasible.

      Microsoft offers three Windows 365 subscription tiers with slight differences between the Business and Enterprise products. The three tiers are Basic, Standard, and Premium and cost $31.00, $41.00. and $66.00 per user per month respectively. The two main differences between the Business and Enterprise versions are that Business subscriptions are restricted to 300 users while Enterprise subscribers can have unlimited users. The second difference is that Business customers can access Windows 365 through windows365.microsoft.com while Enterprise customers will have it integrated with Microsoft Endpoint Manager.

      On the Basic tier, you’ll get 2 vCPUs, 4 GB RAM, and 128 GB storage; this tier is suitable for light productivity tools and web browsers. The Standard tier gives you 2 vCPUs, 8 GB RAM, and 128 GB storage; Microsoft says this tier is suitable for running a full range of productivity tools and line-of-business apps. Finally, the Premium tier gives you 4 vCPUs, 16 GB RAM, and 128GB storage; this tier is ideal for running high-performance workloads and heavier data processing.

      If you’re not content with the defaults for these tiers and want to customise your subscription, Microsoft also offers a full list of tiers with prices ranging from $20.00 per user per month to $162.00 per user per month. To learn more about Windows 365, head over to Microsoft’s product page.

    • By Abhay V
      AdDuplex: Windows 10 version 21H1 is now on over 26% of PCs, Windows 11 makes its debut
      by Abhay Venkatesh

      After a gap of a couple of months, AdDuplex has released its Windows version usage report for the month of July. The report is collected from 5,000 Microsoft Store apps that are running the AdDuplex SDK v.2 or higher, and around 60,000 Windows PCs were sampled for this report. This month’s highlight is the debut of Windows 11, which was formally announced in June. As for Windows 10, version 21H1 that was released in May is now running on over 26% of Windows machines.

      Just like the October 2020 Update, the Windows 10 May 2021 Update was an enablement package that light up new features in the OS. The underlying codebase for 21H1, however, is identical to versions 20H2 and 2004, meaning that the three most recent versions are serviced with the same cumulative updates. It is, therefore, not surprising to see that the rollout of the latest version has been faster than the previous versions has seen. This is only expected to increase as version 2004 begins to reach the end of support for consumer SKUs.

      With Windows 10 21H1 now on more than 26% of PCs, the three latest versions of the OS account for close to 88% of usage share. The title for the most famous version of Windows 10 is retained by version 20H2 at 36.3%, followed by version 2004 at 24.6%. Windows Insiders running Windows 11 in the Dev channel account for close to 1% of total devices.

      Windows 10 version 21H2 is also slated to be an enablement package. However, with Windows 11 expected to begin rolling out later this year, it will be interesting to see how the usage share changes, since there are still questions about the pace of the rollout and what the final hardware specifications will be.

    • By anmol112
      Hands-on with the new Microsoft Teams experience for Windows 11
      by Anmol Mehrotra



      Earlier this week, Microsoft released another Windows 11 build to Windows Insiders in the Dev Preview ring. The new build brought improvements to the UI as well as the new Microsoft Teams integration. Microsoft announced the Teams integration at the Windows 11 launch event last month. With the feature now rolling out to Windows Insiders, we decided to take a closer look at the new Teams integration for Windows 11.

      First time setup
      After you install the new Windows 11 build, you will see a Teams icon on the taskbar. Clicking on the option will open Team for the first-time setup. The setup is pretty simple.

      Microsoft allows you to use your regular MSA account for personal use. You can also use your work or school account if you have one and want it easily accessible.

      Once you select the account, Microsoft will ask you to verify ownership (if you have two-factor authentication) as well as add a phone number. This will add as a secondary username and also allow others to find you on Teams.

      Lastly, Microsoft will confirm the settings and ask you if you want to use your existing Outlook or Skype contact list to find people on Microsoft Teams. One thing to note here is that if you have used Windows Phone in the past or you use Outlook to sync your contacts then you will see your address book on Teams (provided you selected the sync Outlook contact list on the last step).

      Using the app
      The experience is same more or less. However, with a personal Teams account, users can now use it as way to stay connected to their loved ones. Moreover, you can now enter an email address to send a Teams message to them.

      This works in two parts: if the person already uses Teams, they will get a general chat notification. However, if the person you are messaging does not use Teams, they will get an email inviting them to join Teams and continue the chat.

      One thing that I personally believe can enhance the Teams experience is the support for SMS. While you can message people using phone numbers, they have to be in your contacts. Unfortunately, you can’t directly start a conversation with someone if they are not in your contacts. This is something that Microsoft can add in the future to allow users to start conversations by just entering the phone number of the person they want to talk to and if the person is not on Teams, they will get an invite to join the app.

      However, there is one way to invite others to a text chain and that is via the 'invite using link' option. As the name suggests, the option generates a custom link that can be shared with others to allow them to join a conversation.

      Lastly, Microsoft is also expected to merge the Meet Now feature into Teams in the feature. It will further enhance the user experience by allowing users to make audio and video calls using Microsoft Teams. Currently, the feature exists just as a placeholder button, but the company is expected to add it before Windows 11 is shipped as an update to existing Windows users.

      Do you plan to use Microsoft Teams on Windows 11? Let us know your thoughts below.

      For more information on Windows 11, you can check out our article on minimum system requirements as well as the list of CPUs that support Windows 11. Apart from the general requirements, Microsoft has also listed out specific feature requirements for Windows 11 including webcams, Bluetooth and Precision Touchpad on all upcoming laptops. Last month, Microsoft also updated the PC Health Check app to show why a device is not ineligible to receive the Windows 11 update. However, the company will allow some manufacturers to bypass the TPM 2.0 requirement and it is also allowing Windows Insiders with unsupported hardware to test Windows 11 Insider Builds. Several manufacturers have published a list of hardware that will be compatible with Windows 11.

      If you are still out of the loop, then you can check out hands-on video. If you want to get in-depth information about Windows 11 then you can check out our article covering all the new features and changes.

    • By anmol112
      How to fix Windows Hello not working in the latest Windows 11 build 22000.100
      by Anmol Mehrotra



      Yesterday, Microsoft released another Windows 11 build to Windows Insiders in the Dev Preview ring. The new build brought improvements to the UI as well as the new Microsoft Teams integration. However, it also came with a bunch of known issues, one of which was the broken Windows Hello.

      Fortunately, there is an easy fix for "Something went wrong" error when trying to use Windows Hello on Windows 11. If you are facing the issue, then you can follow the steps below to get the issue fixed:

      Click on Windows Search or the Windows button Type "Device Manager" and click on 'open'. You can also right-click on the Windows button and select Device Manager. Once Device Manager is opened, double-click on "Biometric devices" Now right-click on "Windows Hello Face Software Device" and click on 'uninstall device' Once done, reboot the system, let Windows download and install the latest drivers After the installation is finished, Windows Hello should be good to go. We hope Microsoft fixes this issue in the future build. While not critical, the issue certainly can be a pain for users who rely on Windows Hello to sign-in to their devices.

      For more information on Windows 11, you can check out our article on minimum system requirements as well as the list of CPUs that support Windows 11. Apart from the general requirements, Microsoft has also listed out specific feature requirements for Windows 11 including webcams, Bluetooth and Precision Touchpad on all upcoming laptops. Last month, Microsoft also updated the PC Health Check app to show why a device is not ineligible to receive the Windows 11 update. However, the company will allow some manufacturers to bypass the TPM 2.0 requirement and it is also allowing Windows Insiders with unsupported hardware to test Windows 11 Insider Builds. Several manufacturers have published a list of hardware that will be compatible with Windows 11.

      If you are still out of the loop, then you can check out hands-on video. If you want to get in-depth information about Windows 11 then you can check out our article covering all the new features and changes.

    • By Abhay V
      Here are the known issues in Windows 11 build 22000.100
      by Abhay Venkatesh

      Microsoft today rolled out Windows 11 build 22000.100 to Insiders running Dev channel builds. The cumulative update brings with it - among other things - improvements to the taskbar UI and the system tray, adding subtle design improvements, in line with the Windows 11 experience.

      The improvements include a better UI for the system tray, along with a new visual cue for when an app requires attention on the taskbar thanks to a background task. However, the ability to run Android apps, something that the firm announced during the Windows 11 unveil event, is yet to be added. When it does make it to the OS, it will happen through the Amazon Store that will be housed within the Microsoft Store.

      The firm isn't bringing any huge changes to the OS, as it is still addressing bugs and reliability concerns that are being reported by users running the Dev channel builds, while prepping the builds for the Beta channel. However, along with the list of bugs fixes, there are still a bunch of known issues that are being tracked. Here is the complete list of issues in Windows 11 build 22000.100:

      Issues such as the File Explorer bug might make it difficult for users to run apps reliably, so it is best to be aware of the problems before considering these builds for your daily driver. Additionally, there are some Windows Hello issues that have workarounds.

      Windows 11 build 22000.100 is rolling out via Windows Update to Dev channel users running the latest version of the OS. The release to the Beta channel should happen soon as the firm skipped releasing the latest 21H1 updates, citing the impending release of Windows 11 builds. Currently, there aren't any official ISOs available either for those hoping to perform a clean install of these builds.