Several media specialized in technology have reported the presence of a vulnerability that affected Windows 10 in all its versions and Windows Server 2016. Interestingly, this threat was discovered by the U.S. National Security Agency. Consequently, the agency decided to inform Microsoft to find a solution as soon as possible. Recently Microsoft confirmed the vulnerability in both operating systems. It has also published the patch for the systems. A quick update is recommended. Next, we will see, how this security flaw affects Windows 10 and Windows Server 2016.
The failure affects the handling of certificates and encrypted messaging.
The security flaw is a phishing vulnerability that affects Windows CryptoAPI (Crypt32.dll) Under these circumstances, Elliptic Curve Cryptography (ECC) certificates are eventually validated. This would allow an attacker to forge digital signatures, making the malware look like a legitimate application. In other words, a false code signing certificate is created to sign a malicious executable. This way it appears that the file comes from a legitimate and trusted source. Consequently, it would be difficult for the user to know that the file is malicious since the digital signature would seem to come from a reliable provider.
As a consequence of this vulnerability, the attacker could perform man-in-the-middle attacks. And in this way decode confidential information about user connections within almost any application on Windows 10 and Server 2016. Consequently, authentication on Windows desktops and servers is under threat. Similarly, sensitive data entered into Internet Explorer and Edge could be affected. On the other hand, Microsoft claims that it has no reports that the bug has been exploited. However, it is still a major security flaw.
How to solve the failure.
As mentioned, Microsoft has already detected the bug and released the respective patches. This way the operating system can detect and block malware that tries to exploit the vulnerability. One of the first entities to receive the patch was the United States Army. Similarly, other high-level customers and other potential targets. However, Microsoft has made available to the public the update CVE-2020-0601. It can be downloaded from this link. We have finally seen how this security flaw affects Windows 10 and Windows Server 2016. As always, it is advisable to take precautions to protect the operating system. Please keep Windows up to date, surf wisely and always use a good antivirus. That’s all for now before I go I invite you to see our post about Ruby on Windows 10.