As expected yesterday, Microsoft kicked off the release of a updating for all versions of Windows in circulation whose objective is to remedy a serious vulnerability identified within the component crypt32.dll. The problem, labeled as CVE-2020-0601, is thus described by the Redmond group.
A spoofing vulnerability exists that allows the CryptoAPI component (crypt32.dll) to validate Elliptic Curve Cryptography (ECC) certificates.
Windows: Update for crypt32.dll vulnerability arrives
By forcing the flaw, an attacker could attribute malware to a digital signature such as to make its true nature invisible to radar of security software as well as to users' eyes. They would do so the information is at risk saved on devices, from sensitive data to documents, up to credentials for authentication to services and details on payment methods.
The attacker could exploit the vulnerability by using the assignment of a certificate to malicious code, making the file appear as created by a legitimate source. The user would thus have no way of knowing its dangerous nature since the digital signature would appear as attributed to a reliable supplier.
The vulnerability of CryptoAPI also shows the side ad man-in-the-middle attacks or those implemented in order to intercept the information received or transmitted by the user.
As anticipated yesterday, the problem was discovered National Security Agency United States, who immediately reported it to Microsoft, giving the software house the time necessary to package the update and start distributing it. Further details in the shared document Agency. The advice is to proceed with the download and installation of the update (a restart is required at the end of the process) as soon as possible.