ALL-INKL.COM - Webhosting Server Hosting Domain Provider

Last Win7 patchday but important!

Yesterday the official support for Windows 7
ended and with it the official support for an
OS that served us well for over ten years. But
Microsoft delivered one last important patch!

Microsoft on Tuesday rolled out an important security fix after the NSA informed Microsoft about a serious flaw in its widely used Windows operating system domain.

The patch fixes an extremely serious leak in Windows which allows attackers to spoof digital certificates. By exploiting that, encrypted communication can be intercepted or a man-in-the-middle (MITM) attack can be performed. Crypt32.dll is a component within all Windows OS versions that validates certificates. The vulnerability in Crypt32.dll makes it possible to spoof Elliptic Curve Cryptography (ECC) certificates. Windows creates such ECC certificates, among other things, when handling https traffic.

The patches address the vulnerability CVE-2020-0601 in the usermode cryptographic library, CRYPT32.DLL, that affects Windows 10, Windows Seerver 2016 and Server 2019 systems but also older versions of Windows may receive a separate fix. The vulnerability exists in the way Windows CryptoAPI validates Elliptic Curve Cryptography (ECC) certificates. This vulnerability is classed “Important” and Microsoft states that it has not seen it used in active attacks yet. An attacker however could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making the file appear to be from a trusted, legitimate source. The user would have no way of knowing the file could be malicious, because the digital signature would appear to be from a trusted provider. Microsoft has released updates for this flaw (CVE-2020-0601). Their advisory can be read here.

The NSA’s writeup (PDF) includes quite a bit more detail, as does the advisory from CERT.

The PDF can be found below for instant reading here as well should the link above no longer work.

CSA-WINDOWS-10-CRYPT-LIB-20190114

Microsoft classifies the update as “Important” and recommends that companies install it as quickly as possible. The NSA shared the same sentiment. “The consequences of not patching this vulnerability are large and widespread,” writes the intelligence service in a description. “Tools that can exploit this from a distance are likely to be created and distributed quickly.”

It is important that you check your Windows Updates today and apply the patches as soon as possible to prevent any damage to your OS and your private data as well once this vulnerability becomes used by malicious hackers!


January 15, 2020 Netspark - 1594 posts - Member since: May 9th, 2011 No Comments »

RATING :
Rockbottom!Very badBadAverageGoodVery goodAwesome! (1 votes, average: 7.00 out of 7)
Loading...
FILED UNDER :Computer , News , Technology , Thoughts
TAGGED WITH : , , , , , ,

Leave a comment