Tag: CVE-2020-0601

Windows CryptoAPI Spoofing Vulnerability CVE-2020-0601

NSA has discovered a critical vulnerability affecting Microsoft Windows cryptographic functionality. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. The vulnerability affects Windows 10 and Windows Server 2016/2019 as well as applications that rely on Windows for trust functionality. Microsoft released a patch today for Windows CryptoAPI […]