Microsoft has released a critical patch for Windows 10. The patch closes a vulnerability discovered by the NSA.
In a press release published by the NSA, the agency explains: “the certificate validation vulnerability allows an attacker to undermine how Windows verifies cryptographic trust and can enable remote code execution.
Exploitation of the vulnerability allows attackers to abuse validation of trust between:
- HTTPS connections
- Signed files and emails
- Signed executable code launched as user-mode processes”
Though technical details of the flaw are not yet available to the public, Microsoft confirms the flaw, which, if exploited successfully, could allow attackers to spoof digital signatures on software, tricking the operating system into installing malicious software while impersonating the identity of any legitimate software, without users’ knowledge.
“A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates,” the Microsoft advisory says.
(Quote from Hacker News)
At the time of posting, no attacks using this vulnerability have been recorded. The NSA privately informed Microsoft of the vulnerability, and Microsoft acted accordingly.
We strongly recommend installing the latest updates for Windows 10. If you need help, or you are a business owner who wants to make sure you are protected, please contact our Tech Consultants. We will be happy to help you protect your business.
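The post does not say how to confirm that a machine has actually received the fix. The script below is an added example, not part of the original post or of Microsoft's advisory: it reports the Windows 10 build, the installed version of the affected library (Crypt32.dll), whether a given KB is present, and which applicable updates Windows Update still considers missing. It assumes an elevated PowerShell 5.1 session on Windows 10; the KB number of this particular patch is not given in the post, so it is taken as a parameter rather than hard-coded.

```powershell
# Added example (not from the original post): report patch status on a
# Windows 10 host so an administrator can confirm the CryptoAPI fix is in.
# Assumptions: run in an elevated PowerShell 5.1 session on Windows 10;
# the KB number of the specific patch is not given in the post, so pass
# it in as -KbId if you have it from the Microsoft advisory.
param(
    [string]$KbId = ''   # placeholder: e.g. 'KB<number-from-advisory>'
)

# 1. OS caption and build, so the result can be matched against the advisory.
$os = Get-CimInstance Win32_OperatingSystem
"{0} build {1}" -f $os.Caption, $os.BuildNumber

# 2. File version of the affected library (Crypt32.dll lives in System32).
$crypt32 = Get-Item "$env:SystemRoot\System32\crypt32.dll"
"crypt32.dll version: {0}" -f $crypt32.VersionInfo.ProductVersion

# 3. Has the named KB been installed? (Only checked if the caller supplied one.)
if ($KbId) {
    $hotfix = Get-HotFix -Id $KbId -ErrorAction SilentlyContinue
    if ($hotfix) { "$KbId installed on $($hotfix.InstalledOn)" }
    else         { "$KbId NOT installed" }
}

# 4. Ask Windows Update which applicable software updates are still missing.
#    Uses the Windows Update Agent COM API; the search honours whichever
#    update source (Microsoft Update or WSUS) the machine is configured for.
$session  = New-Object -ComObject Microsoft.Update.Session
$searcher = $session.CreateUpdateSearcher()
$pending  = $searcher.Search("IsInstalled=0 and Type='Software'")
if ($pending.Updates.Count -eq 0) {
    "No pending software updates reported by Windows Update."
} else {
    "Pending updates:"
    foreach ($u in $pending.Updates) {
        "  {0}  (KB {1})" -f $u.Title, (@($u.KBArticleIDs) -join ',')
    }
}
```

Run it as `.\Check-PatchStatus.ps1 -KbId KB<number>` once you have the KB id from the advisory, or without the parameter to just see the build, the Crypt32.dll version, and the list of pending updates; any entry still listed under "Pending updates" means the host has not yet taken the current month's fixes.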