The US National Security Agency has announced the discovery of a serious security vulnerability in the CryptoAPI component of Windows 10 and Windows Server 2016/2019. Microsoft has released a patch to fix it, and all users of these operating systems are advised to apply the patch immediately.

Developers use digital signatures to prove that their software is legitimate and has not been tampered with. This vulnerability could allow an attacker to spoof the signature of legitimate software, undermining the way Windows verifies trust and allowing malicious software, such as ransomware, to run in the background. According to Microsoft, the user would have no way of knowing that a file was malicious, because its digital signature would appear to come from a trusted provider.

The vulnerability affects Windows 10 and Windows Server 2016/2019, as well as applications that rely on Windows for trust functionality, such as HTTPS connections, signed files and emails, and signed executable code launched as user-mode processes.

Businesses running affected systems should install all patches from January 2020 as soon as possible, prioritizing endpoints that provide essential services.

Links to the critical patches are contained in the Security Guidance Advisory from Microsoft.
Thanks for your time and attention,