H L Data Storage Store Banner 970x90
Breaking News

Samsung Announces Galaxy Watch5 and Galaxy Watch5 Pro Samsung announces Galaxy Z Flip4, Galaxy Z Fold4 and Buds2 Pro Snapdragon 8+ Gen 1 Powers Samsung Galaxy Z Series Devices Globally G.SKILL Announces MD2 Mid-Tower PC Case Shuttle announces Xeon-compatible Mini-PC Barebone with 4x LAN and ECC RAM support

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Microsoft Releases Critical Windows Security Pathes Discovered by U.S. NSA

Microsoft Releases Critical Windows Security Pathes Discovered by U.S. NSA

PC components Jan 14,2020 0

Microsoft on Tuesday rolled out an important security fix after the U.S. National Security Agency tipped off the company to a serious flaw in its widely used Windows operating system.

The patches address the vulnerability CVE-2020-0601 in the usermode cryptographic library, CRYPT32.DLL, that affects Windows 10, Windows Seerver 2016 and Server 2019 systems. The vulnerability exists in the way Windows CryptoAPI validates Elliptic Curve Cryptography (ECC) certificates. This vulnerability is classed "Important" and Microsoft says it has not seen it used in active attacks.

An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.

A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software.

NSA official Anne Neuberger noted that operators of classified networks had already been prodded to install the update and everyone else should now “expedite the implementation of the patch.”

NSA had been criticized after its own cyberspies took advantage of vulnerabilities in Microsoft products to deploy hacking tools against adversaries and kept Microsoft in the dark about it for years.

When one such tool was leaked to the internet by a group, it was deployed against targets around the globe by hackers of all stripes. A group used the tool to unleash a massive malware outbreak dubbed WannaCry in 2017.

Tags: Cybersecuritywindows 10Microsoftnsa
Previous Post
iPhone Hacking Firm Cellebrite Updates Tool
Next Post
Disney+ App Outpaces Streaming Rivals With 40.9 Million Downloads

Related Posts

  • Samsung and Microsoft Partner to Bring The Xbox App to Samsung Gaming Hub

  • Apple, Google, and Microsoft commit to expanded support for FIDO standard

  • Microsoft to acquire Activision Blizzard to bring the joy and community of gaming to everyone, across every device

  • Introducing new Surface products, built for Windows 11

  • Introducing Windows 11

  • Microsoft announces Surface Laptop 4

  • Whats best for you MAC or PC?

  • Microsoft Introduces Surface Pro 7+

H L Data Storage Store Banner 300x600

 

Latest News

Samsung Announces Galaxy Watch5 and Galaxy Watch5 Pro
Consumer Electronics

Samsung Announces Galaxy Watch5 and Galaxy Watch5 Pro

Samsung announces Galaxy Z Flip4, Galaxy Z Fold4 and Buds2 Pro
Enterprise & IT

Samsung announces Galaxy Z Flip4, Galaxy Z Fold4 and Buds2 Pro

Snapdragon 8+ Gen 1 Powers Samsung Galaxy Z Series Devices Globally
Smartphones

Snapdragon 8+ Gen 1 Powers Samsung Galaxy Z Series Devices Globally

G.SKILL Announces MD2 Mid-Tower PC Case
Cooling Systems

G.SKILL Announces MD2 Mid-Tower PC Case

Shuttle announces Xeon-compatible Mini-PC Barebone with 4x LAN and ECC RAM support
Enterprise & IT

Shuttle announces Xeon-compatible Mini-PC Barebone with 4x LAN and ECC RAM support

Popular Reviews

CeBIT 2005

CeBIT 2005

CeBIT 2006

CeBIT 2006

Zidoo Z9S 4K Media Player review

Zidoo Z9S 4K Media Player review

LiteOn iHBS112 review

LiteOn iHBS112 review

Club3D HD3850

Club3D HD3850

External USB Slim Recorders Comparison

External USB Slim Recorders Comparison

Pioneer BDR-2207 (BDR-207M) BDXL burner review

Pioneer BDR-2207 (BDR-207M) BDXL burner review

Crucial P1 NVMe 1TB SSD review

Crucial P1 NVMe 1TB SSD review

  • Home
  • News
  • Reviews
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed