Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Corsair H170i Elite Capellix XT review
Forspoken: PC performance graphics benchmarks
ASRock Z790 Taichi review
The Callisto Protocol: PC graphics benchmarks
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review
F1 2022: PC graphics performance benchmark review

New Downloads
FurMark Download v1.33.0.0
Intel ARC graphics Driver Download Version: 31.0.101.4091
Corsair Utility Engine Download (iCUE) Download v4.33.138
CPU-Z download v2.04
AMD Radeon Software Adrenalin 23.1.2 (RX 7900) download
GeForce 528.24 WHQL driver download
Display Driver Uninstaller Download version 18.0.6.0
Download Intel network driver package 27.8
ReShade download v5.6.0
Media Player Classic - Home Cinema v2.0.0 Download


New Forum Topics
GeForce NVIDIA RTX 6000 with fully active AD102  Does Not Beat RTX 4090  in 3DMark Nvidia shows signs ... 7940HS engineering sample benchmarks (true, not true?) Microsoft Now Is Proactively Informing Windows 10 users to update to Windows 11 Amernime Zone AMD Software: Adrenalin / Pro Driver - Release Discovery 22.12.2 WHQL Grab for free: Dishonored: Death of the Outider at Epic Games Store AMD Ryzen 7 7700X sees price drop to $299 Review: Corsair H170i Elite Capellix XT RTX 4090 Owner's thread AMD Software: Adrenalin Edition 23.1.2 for AMD Radeon™ RX 7900 Series




Guru3D.com » News » Microsoft patches crypt32.dll vulnerability that allows certificate spoofing

Microsoft patches crypt32.dll vulnerability that allows certificate spoofing

by Hilbert Hagedoorn on: 01/15/2020 09:39 AM | source: krebs | 18 comment(s)
Microsoft patches crypt32.dll vulnerability that allows certificate spoofing

Yesterday we shared news about a big potential vulnerability with a Microsoft Windows component known as crypt32.dll, a Windows module that Microsoft says handles “certificate and cryptographic messaging functions. You should have received a patch update, and now the specifics are shared.

Microsoft on Tuesday rolled out an important security fix after the U.S. National Security Agency tipped off the company to a serious flaw in its widely used Windows operating system.

The patch closes a really serious leak in Windows allowing allows attackers to spoof digital certificates. By exploiting that, encrypted communication can be intercepted or a man-in-the-middle attack can be performed. Crypt32.dll is a component within Windows that validates certificates. The vulnerability in Crypt32.dll makes it possible to spoof Elliptic Curve Cryptography, or ECC certificates. Windows creates such ECC certificates, among other things, when handling https traffic.

The patches address the vulnerability CVE-2020-0601 in the usermode cryptographic library, CRYPT32.DLL, that affects Windows 10, Windows Seerver 2016 and Server 2019 systems. The vulnerability exists in the way Windows CryptoAPI validates Elliptic Curve Cryptography (ECC) certificates. This vulnerability is classed "Important" and Microsoft says it has not seen it used in active attacks. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. Microsoft has released updates for this flaw (CVE-2020-0601). Their advisory is here. The NSA’s writeup (PDF) includes quite a bit more detail, as does the advisory from CERT.

Microsoft classifies the update as "Important" and recommends that companies install it as quickly as possible. The NSA shared the same sentiment. "The consequences of not patching this vulnerability are large and widespread," writes the intelligence service in a description. "Tools that can exploit this from a distance are likely to be created and distributed quickly."

Please make sure you hit that Windows update button today.







« EEC website is listing Radeon RX 5800 XT, RX 5950, and RX 5950 XT · Microsoft patches crypt32.dll vulnerability that allows certificate spoofing · Epic Games Store has more than 100M users »

Related Stories

Rumor: Microsoft might share information on extremely critical vulnerability later today - 01/14/2020 03:53 PM
It's tagged as a rumor, but you can rest assured it'll become a fact. Keep an eye out on your Tuesday patches, and apply them. According to Krebs On Security, Microsoft is about to release an extre...

Promo: URCDKey Sale: Get Microsoft Office 2016 for $29.82 - 01/10/2020 11:11 AM
URCDKey is a license sites available for various platforms, whether for software or games. This time URCDKeys brings an offer at a competitive price, Microsoft Windows 10 Pro OEM and Office 2016 combo...

Microsoft shows several images of the Xbox Series X AMD SoC - 01/08/2020 10:27 AM
You can always tell it is an AMD chip by that metal side plating eh? Through their Twitter accounts, David Prien, Xbox Senior Hardware Director, and Xbox Head himself, Phil Spencer, revealed two imag...

Microsoft Flight Simulator - Snow Gameplay - 01/03/2020 09:16 AM
Asobo Studio shared a new Microsoft Flight Simulator gameplay video which shows snow environments. The simularor looks just spectacular.   ...

Microsoft at it again, advertising Gmail in Windows 10 Mail points to Outlook - 12/17/2019 11:28 AM
Perhaps you already have noticed it, Microsoft has started select advertising in the Windows suite. For example, in your Windows 10 mail app, you'll now see 'Get Gmail on your phone'. As if that by...


4 pages 1 2 3 4


fantaskarsef
Senior Member



Posts: 14161
Joined: 2014-07-21

#5750875 Posted on: 01/15/2020 09:53 AM
Well... the NSA advises you to install the patch to the discovered vulnerability they discovered... wait, let me get my tin foil, I'll be right back :D

KissSh0t
Senior Member



Posts: 12036
Joined: 2011-10-22

#5750881 Posted on: 01/15/2020 10:01 AM
Well... the NSA advises you to install the patch to the discovered vulnerability they discovered... wait, let me get my tin foil, I'll be right back :D


Pfttt... NSA, can you believe they used to try putting listening devices inside our homes?

Hey alexa, play despacito.


386SX
Senior Member



Posts: 1737
Joined: 2017-06-26

#5750884 Posted on: 01/15/2020 10:14 AM
I already posted this yesterday and urged users to update. Yes, it is really THIS bad. If unpatched, you could fall for spoofed certificates because your computer would think they are valid.

VPNs use certificates mostly, because "passwords are weak".
Webservers use certificates to encrypt the connection (online banking, webshops, you name it).
And much much more ....

So please update, at least this update, so you dont fall for this and you protect others by hardening your defense, so your computer wont be turned into a zombie.

BRAAAAAAAAAAAAAIIIIIIIIIIIIIIIIIIIIIIIIIIIINS! ;)

fantaskarsef
Senior Member



Posts: 14161
Joined: 2014-07-21

#5750886 Posted on: 01/15/2020 10:19 AM
I also wonder how the NSA discovered that... what certs they had rigged and suffered from it.
And, iirc, that lately there's been rigged certs for update programs of large companies (Asus?), rigged certs for "security" software (Avira?).

Astyanax
Senior Member



Posts: 14978
Joined: 2018-03-21

#5750890 Posted on: 01/15/2020 10:33 AM
windows 8.1 and 7 are immune :D

4 pages 1 2 3 4


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2023