• About
  • Advertise
  • Careers
  • Contact
Sunday, February 5, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Microsoft addresses CVE-2020-0601 flaw, the first issue ever reported by NSA

by Cyber360 News
January 15, 2020
in Security
0
Microsoft addresses CVE-2020-0601 flaw, the first issue ever reported by NSA
0
SHARES
1
VIEWS
Share on FacebookShare on Twitter

Microsoft has released a security update to address “a broad cryptographic vulnerability” that is impacting its Windows operating system.

Microsoft Patch Tuesday updates for January 2020 address a total of 49 vulnerabilities in various products, including a serious flaw, tracked as CVE-2020-0601, in the core cryptographic component of Windows 10, Server 2016 and 2019 editions.

The CVE-2020-0601 vulnerability is different from any other previously addressed flaws because it was reported by the NSA and this is the first time that the US intelligence agency has reported a bug to the tech giant.

The flaw, dubbed ‘NSACrypt’ and tracked as CVE-2020-0601, resides in the Crypt32.dll module that contains various ‘Certificate and Cryptographic Messaging functions’ used by the Windows Crypto API for data encryption.  

The flaw affects the way Crypt32.dll module validates Elliptic Curve Cryptography (ECC) certificates.

In a press release published by the NSA, the agency explains “the certificate validation vulnerability allows an attacker to undermine how Windows verifies cryptographic trust and can enable remote code execution.”

“A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.” reads the security advisory published by Microsoft.

“An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.”

An attacker could exploit the flaw to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software.

An attacker could also trigger the issue to spoof digital signatures on software tricking the system into believing that it is a legitimate application.

Microsoft addressed the issue by ensuring that Windows CryptoAPI completely validates ECC certificates.

Microsoft did not release technical details of the vulnerability to avoid its public exploitation.

Microsoft confirmed that it is not aware of attacks in the wild exploiting the CVE-2020-0601 flaw.

“This month we addressed the vulnerability CVE-2020-0601 in the usermode cryptographic library, CRYPT32.DLL, that affects Windows 10 systems. This vulnerability is classed Important and we have not seen it used in active attacks.” reads a blog post published by Microsoft.

“This vulnerability is one example of our partnership with the security research community where a vulnerability was privately disclosed and an update released to ensure customers were not put at risk.”

The NSA has also released a security advisory that includes mitigation information.

“NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows®1 cryptographic functionality. The certificate validation vulnerability allows an attacker to undermine how Windows verifies cryptographic trust and can enable remote code execution.” reads the NSA’s advisory.

“The consequences of not patching the vulnerability are severe and widespread. Remote exploitation tools will likely be made quickly and widely available”.

Microsoft also addresses 48 other vulnerabilities, 8 of which are rated as critical and remaining are rated as important.

None of the issues addressed this month by Microsoft were being exploited in the wild.

Pierluigi Paganini

(SecurityAffairs – CVE-2020-0601, hacking)



Share On


Cyber360 News

Cyber360 News

Next Post
Another day, another Android malware.

Another day, another Android malware.

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In