Microsoft has released patches for Windows 10 and Windows Server to resolve a vulnerability reported by the NSA and which would allow a malicious actor to run malware disguised as a legitimate app.
The flaw, which prior to the release of the patches was describes as “extraordinarily scary,” affects the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.
A successful exploit technically gives the attacker the power of conducting a man-in-the-middle attack and then be able to decrypt sensitive information.
“An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signat…
Advertise on IT Security News.
Read the complete article: Microsoft Patches NSA Security Vulnerability in Windows 10