Two proof-of-concept exploits for the "broad cryptographic vulnerability" discovered by the US National Security Agency (NSA), have just been publicly released. Microsoft confirmed CVE-2020-0601 involves Windows CryptoAPI and says "a spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates" which can be used to "to sign a malicious executable, making […]
Read More: Proof-of-concept exploits for Microsoft Crypto bug released
from MSPoweruser https://ift.tt/30zwNRB
via IFTTT
No comments:
Post a Comment