Jump to content

Search the Community

Showing results for tags 'crypt vulnerability'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 1 result

  1. Microsoft is expected to release a major software update on Tuesday, January 14 that will fix an "extraordinarily serious security vulnerability" affecting a core cryptographic component found in all versions of Windows. This will be the first Patch Tuesday release of 2020 from Microsoft. January 14 is also the day that Microsoft will end support for Windows 7. As reported by KrebsOnSecurity, Microsoft has already rolled out a patch to fix the bug for the U.S. military and other important high-profile clients and customers. These clients have been asked to sign agreements preventing them from disclosing details of the flaw on or before January 14, 2020. The flaw is found in the crypt32.dll system file which handles "certificate and cryptographic messaging functions in the CryptoAPI." It is also used by the Microsoft CryptoAPI that is used for securing cryptography applications and encrypting/decrypting digital certificates. This component is used by key Microsoft apps like Internet Explorer and Edge to securely handle sensitive data. A flaw in the crypt32.dll can be used to spoof digital signatures which can be used by attackers to make malware appear a safe and genuine app on your PC. The report also states that the NSA's Director of Cybersecurity Anne Neuberger is scheduled to host a press conference on January 14 where she will "provide advanced notification of a current cybersecurity issue." Microsoft on its part has already issued a statement saying that it does not discuss any vulnerabilities before rolling out a fix for them. It also made it clear that it does not roll out production-ready updates before its regular Update Tuesday schedule. Source: Microsoft expected to patch a serious security bug affecting all Windows versions today (via Neowin)
×
×
  • Create New...