Spoofing Vulnerability CryptoAPI (CVE-2020-0601)

Migrated from old website (first published Jan 14, 2020)

As written today on Forbes and confirmed by Microsoft, big spoofing vulnerability in the CryptoAPI was found by NSA in Windows 10, Server 2016 and Server 2019.

The CryptoAPI, (crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.

I recommend you to install todays security patch for Windows 10, Server 2016 and Server 2019 (CVE-2020-0601).

More information
https://www.forbes.com/sites/daveywinder/2020/01/14/windows-10-extraordinarily-serious-security-warning-for-900-million-users/#7fbe7f94690c

Microsoft including download links
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

Spoofing Vulnerability CryptoAPI (CVE-2020-0601)

Leave a comment Cancel reply

Never miss any news

Share this:

Leave a comment Cancel reply

Never miss any news