A serious security flaw affects Windows 10 and Windows Server 2016.

Windows Articles

How to update apps on Android

Hi folks! In this post, we will show you how to update your Android apps. Updating the apps on your device is...

How to install Apache Ant on Ubuntu 20.04?

Hello, friends. Apache Ant is a very important tool for the development of applications in Java. So in this post, we will...

How to use the ss command

For Linux users, there will come a time when you need to know about the network. Several tools help in this process,...

How to create user template in Windows Server 2019/2016

Hello! Windows Server has many features that support system administration. For example, through the users it is possible to manage many administrative...

Debian 10.6 available

Several volunteers have developed the free software distributed under the name of Debian. Debian does not sell its software directly, the developers...

Several media specialized in technology have reported the presence of a vulnerability that affected Windows 10 in all its versions and Windows Server 2016. Interestingly, this threat was discovered by the U.S. National Security Agency. Consequently, the agency decided to inform Microsoft to find a solution as soon as possible. Recently Microsoft confirmed the vulnerability in both operating systems. It has also published the patch for the systems. A quick update is recommended. Next, we will see, how this security flaw affects Windows 10 and Windows Server 2016.

The failure affects the handling of certificates and encrypted messaging.

The security flaw is a phishing vulnerability that affects Windows CryptoAPI (Crypt32.dll) Under these circumstances, Elliptic Curve Cryptography (ECC) certificates are eventually validated. This would allow an attacker to forge digital signatures, making the malware look like a legitimate application. In other words, a false code signing certificate is created to sign a malicious executable. This way it appears that the file comes from a legitimate and trusted source. Consequently, it would be difficult for the user to know that the file is malicious since the digital signature would seem to come from a reliable provider.

As a consequence of this vulnerability, the attacker could perform man-in-the-middle attacks. And in this way decode confidential information about user connections within almost any application on Windows 10 and Server 2016. Consequently, authentication on Windows desktops and servers is under threat. Similarly, sensitive data entered into Internet Explorer and Edge could be affected. On the other hand, Microsoft claims that it has no reports that the bug has been exploited. However, it is still a major security flaw.

How to solve the failure.

As mentioned, Microsoft has already detected the bug and released the respective patches. This way the operating system can detect and block malware that tries to exploit the vulnerability. One of the first entities to receive the patch was the United States Army. Similarly, other high-level customers and other potential targets. However, Microsoft has made available to the public the update CVE-2020-0601. It can be downloaded from this link. We have finally seen how this security flaw affects Windows 10 and Windows Server 2016. As always, it is advisable to take precautions to protect the operating system. Please keep Windows up to date, surf wisely and always use a good antivirus. That’s all for now before I go I invite you to see our post about Ruby on Windows 10.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to update apps on Android

Hi folks! In this post, we will show you how to update your Android apps. Updating the apps on your device is...

How to install Apache Ant on Ubuntu 20.04?

Hello, friends. Apache Ant is a very important tool for the development of applications in Java. So in this post, we will...

How to use the ss command

For Linux users, there will come a time when you need to know about the network. Several tools help in this process,...

How to create user template in Windows Server 2019/2016

Hello! Windows Server has many features that support system administration. For example, through the users it is possible to manage many administrative...

Debian 10.6 available

Several volunteers have developed the free software distributed under the name of Debian. Debian does not sell its software directly, the developers...