Microsoft patches severe Windows flaw after tip‑off from NSA

The US intelligence agency expects attackers to waste no time in developing tools aimed at exploiting the vulnerability



Microsoft has shipped out a security patch to address a serious vulnerability in the Windows operating system that, if abused, could enable attackers to make malware appear as though it was code from a legitimate source.


The vulnerability, which is being fixed as part of this month’s Patch Tuesday rollout, affects a key cryptographic component of Windows 10, Windows Server 2019 and Windows Server 2016. The flaw was discovered by the United States’ National Security Agency (NSA), which, for the first time ever, is now officially credited with the discovery of a software vulnerability.


Indexed as CVE-2020-0601, the bug resides “in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates,” reads Microsoft’s security advisory. The Crypt32.dll module is responsible for many certificate and cryptographic messaging functions in the CryptoAPI.


“An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source,” said Microsoft.


In other words, a threat actor could get victims to install malware by passing it off as, say, a legitimate software update, including from Microsoft itself, while the targets would be none the wiser.
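The defect behind CVE-2020-0601, as described in the Microsoft and NSA advisories of the time, is that the affected CryptoAPI build accepted ECC certificates whose public key carried explicit curve parameters (a full curve definition embedded in the certificate) instead of a named-curve OID, and matched such keys against trusted roots without checking the parameters. Legitimate certificates in the Windows trust chain use named curves, so a certificate with explicit parameters is the thing to flag when hunting for abuse. The following Python example is added here for this article and is not Microsoft's, the NSA's, or ESET's code; it assumes a DER-encoded SubjectPublicKeyInfo as input (as extracted from a certificate) and classifies its ECC parameters without validating the key itself. The sample inputs are constructed with the helper builders at the bottom and use placeholder key and curve bytes, not real keys.

```python
"""Classify the ECC parameters in a DER SubjectPublicKeyInfo (SPKI).

Added example, not part of the original article. It assumes DER input and
only inspects the AlgorithmIdentifier; the public key point is not checked.
"""

ID_EC_PUBLIC_KEY = "1.2.840.10045.2.1"   # id-ecPublicKey (RFC 5480)
PRIME_FIELD = "1.2.840.10045.1.1"        # prime-field, used in explicit params
NAMED_CURVES = {                          # curves a Windows chain is expected to use
    "1.2.840.10045.3.1.7": "P-256",
    "1.3.132.0.34": "P-384",
    "1.3.132.0.35": "P-521",
}


def _read_tlv(buf, pos):
    """Read one DER tag/length/value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length


def _decode_oid(content):
    """Decode OID content octets to dotted-decimal form."""
    arcs = [content[0] // 40, content[0] % 40]
    acc = 0
    for b in content[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def classify_ec_spki(spki):
    """Return ("named", curve), ("explicit", None), ("implicit", None),
    ("not-ec", None) or ("missing", None) for the given DER SPKI."""
    tag, body, _ = _read_tlv(spki, 0)
    if tag != 0x30:
        raise ValueError("SPKI must be a SEQUENCE")
    tag, alg, _ = _read_tlv(body, 0)
    if tag != 0x30:
        raise ValueError("AlgorithmIdentifier must be a SEQUENCE")
    tag, oid, ppos = _read_tlv(alg, 0)
    if tag != 0x06 or _decode_oid(oid) != ID_EC_PUBLIC_KEY:
        return ("not-ec", None)
    if ppos >= len(alg):
        return ("missing", None)
    ptag, pval, _ = _read_tlv(alg, ppos)
    if ptag == 0x06:                       # namedCurve OID: the expected shape
        dotted = _decode_oid(pval)
        return ("named", NAMED_CURVES.get(dotted, dotted))
    if ptag == 0x30:                       # ECParameters SEQUENCE: explicit curve, flag it
        return ("explicit", None)
    if ptag == 0x05:                       # NULL: implicitlyCA, also not a named curve
        return ("implicit", None)
    return ("unknown", None)


# --- constructed sample builders (placeholder bytes, not real keys) ---------

def _der(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content


def _oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytes([arcs[0] * 40 + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(reversed(chunk))
    return _der(0x06, out)


_DUMMY_POINT = _der(0x03, b"\x00\x04" + bytes(64))   # constructed, not a valid point


def build_named_spki(curve_oid):
    """SPKI whose parameters are a namedCurve OID."""
    return _der(0x30, _der(0x30, _oid(ID_EC_PUBLIC_KEY) + _oid(curve_oid)) + _DUMMY_POINT)


def build_explicit_spki():
    """SPKI carrying an explicit ECParameters SEQUENCE (placeholder values)."""
    params = _der(0x30,
                  _der(0x02, b"\x01")                                   # version
                  + _der(0x30, _oid(PRIME_FIELD) + _der(0x02, b"\x17"))   # fieldID
                  + _der(0x30, _der(0x04, b"\x01") + _der(0x04, b"\x01"))  # curve a, b
                  + _der(0x04, b"\x04\x01\x01")                          # base point
                  + _der(0x02, b"\x13")                                  # order
                  + _der(0x02, b"\x01"))                                 # cofactor
    return _der(0x30, _der(0x30, _oid(ID_EC_PUBLIC_KEY) + params) + _DUMMY_POINT)


if __name__ == "__main__":
    for label, blob in (("named P-256", build_named_spki("1.2.840.10045.3.1.7")),
                        ("explicit", build_explicit_spki())):
        print(label, "->", classify_ec_spki(blob))
```

Run against SPKIs pulled from signed binaries or a certificate store, anything other than `("named", ...)` on an ECC key is worth a closer look; the classifier deliberately stops at the AlgorithmIdentifier rather than trying to interpret the explicit parameters, because the point of the check is that they should not be there at all.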


“The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provid ..
