{"id":9933,"date":"2020-01-27T01:05:24","date_gmt":"2020-01-27T01:05:24","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=9933"},"modified":"2020-01-27T01:05:24","modified_gmt":"2020-01-27T01:05:24","slug":"windows-cryptoapi-high-risk-vulnerability-cve-2020-0601-security-alert","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/windows-cryptoapi-high-risk-vulnerability-cve-2020-0601-security-alert\/","title":{"rendered":"Windows CryptoAPI High Risk Vulnerability (CVE-2020-0601) Security Alert"},"content":{"rendered":"

Overview<\/strong><\/h2>\n

 <\/p>\n

On January 14, local time, one of the latest monthly patch updates from Microsoft fixed the Windows CryptoAPI spoofing vulnerability (CVE-2020-0601) discovered and reported to Microsoft by the National Security Agency (NSA), which affects Windows 10. , Windows Server 2016 and Windows Server 2019.<\/p>\n

According to a bulletin issued by Microsoft, this security vulnerability, also known as “NSACrypt”, resides in the Crypt32.dll module and is a spoofing vulnerability in Windows CryptoAPI’s verification of Elliptic Curve Cryptography (ECC) certificates.<\/p>\n

An attacker could exploit this vulnerability by signing a malicious executable with a deceptive code signing certificate, making the malware look like a normal program produced and signed by a legitimate software company.<\/p>\n

In addition, the vulnerability could be used to perform a man-in-the-middle attack, in which the attacker would decrypt confidential information in the connection between the user and the affected software.<\/p>\n

This update addresses the issue by ensuring that Windows CryptoAPI fully validates the ECC certificate.<\/p>\n

 <\/p>\n

Affected and Supported Products<\/strong><\/h2>\n