BeQuiet Jubiläum Banner 970x90
Breaking News

Razer unveils the Viper Mini Signature Edition – a magnesium alloy gaming masterpiece CORSAIR Launches New VENGEANCE a8100 and i8100 Gaming PCs and New Component Products for PC Builders Sonos and Amazon to expand access to voice control with Alexa on Sonos devices Samsung announces new S23/Plus/Ultra series and New Galaxy Book3 Ultra PS5 Beta Introduces Discord Voice Chat, VRR support for 1440p, and more

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Microsoft Releases Critical Windows Security Pathes Discovered by U.S. NSA

Microsoft Releases Critical Windows Security Pathes Discovered by U.S. NSA

PC components Jan 14,2020 0

Microsoft on Tuesday rolled out an important security fix after the U.S. National Security Agency tipped off the company to a serious flaw in its widely used Windows operating system.

The patches address the vulnerability CVE-2020-0601 in the usermode cryptographic library, CRYPT32.DLL, that affects Windows 10, Windows Seerver 2016 and Server 2019 systems. The vulnerability exists in the way Windows CryptoAPI validates Elliptic Curve Cryptography (ECC) certificates. This vulnerability is classed "Important" and Microsoft says it has not seen it used in active attacks.

An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.

A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software.

NSA official Anne Neuberger noted that operators of classified networks had already been prodded to install the update and everyone else should now “expedite the implementation of the patch.”

NSA had been criticized after its own cyberspies took advantage of vulnerabilities in Microsoft products to deploy hacking tools against adversaries and kept Microsoft in the dark about it for years.

When one such tool was leaked to the internet by a group, it was deployed against targets around the globe by hackers of all stripes. A group used the tool to unleash a massive malware outbreak dubbed WannaCry in 2017.

Tags: Cybersecuritywindows 10Microsoftnsa
Previous Post
iPhone Hacking Firm Cellebrite Updates Tool
Next Post
Disney+ App Outpaces Streaming Rivals With 40.9 Million Downloads

Related Posts

  • Microsoft and OpenAI extend partnership

  • Do You Use Edge Browser?

  • Samsung and Microsoft Partner to Bring The Xbox App to Samsung Gaming Hub

  • Apple, Google, and Microsoft commit to expanded support for FIDO standard

  • Microsoft to acquire Activision Blizzard to bring the joy and community of gaming to everyone, across every device

  • Introducing new Surface products, built for Windows 11

  • Introducing Windows 11

  • Microsoft announces Surface Laptop 4

BeQuiet Jubiläum Banner 300x600

 

Latest News

Razer unveils the Viper Mini Signature Edition – a magnesium alloy gaming masterpiece
PC components

Razer unveils the Viper Mini Signature Edition – a magnesium alloy gaming masterpiece

CORSAIR Launches New VENGEANCE a8100 and i8100 Gaming PCs and New Component Products for PC Builders
PC components

CORSAIR Launches New VENGEANCE a8100 and i8100 Gaming PCs and New Component Products for PC Builders

Sonos and Amazon to expand access to voice control with Alexa on Sonos devices
Consumer Electronics

Sonos and Amazon to expand access to voice control with Alexa on Sonos devices

Samsung announces new S23/Plus/Ultra series and New Galaxy Book3 Ultra
Smartphones

Samsung announces new S23/Plus/Ultra series and New Galaxy Book3 Ultra

PS5 Beta Introduces Discord Voice Chat, VRR support for 1440p, and more
Gaming

PS5 Beta Introduces Discord Voice Chat, VRR support for 1440p, and more

Popular Reviews

Withings Thermo Wi-Fi-connected temporal thermometer

Withings Thermo Wi-Fi-connected temporal thermometer

EnGenius ECW230 Access Point

EnGenius ECW230 Access Point

Withings Body Plus Scale

Withings Body Plus Scale

Withings Sleep Analyzer

Withings Sleep Analyzer

Noctua NH-D12L CPU Cooler

Noctua NH-D12L CPU Cooler

EnGenius ECW230S AP

EnGenius ECW230S AP

Scythe Fuma 2 CPU Cooler

Scythe Fuma 2 CPU Cooler

be quiet! Pure Rock 2 FX

be quiet! Pure Rock 2 FX

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed