
The NSA discovered a Flaw in Windows 10

Microsoft has now published its January security advisories and is warning its users about 49 new vulnerabilities in its various products.

What is special about this release is that one of these updates fixes a critical flaw in the cryptographic feature used by Windows 10, Windows Server 2016 and Windows Server 2019. The flaw was discovered by the National Security Agency (NSA) of the United States.

The interesting thing here is that this is the first time a security flaw in the Windows OS has been reported by the NSA. Remember that Windows 10 had a flaw in SMB that the NSA kept secret for more than 5 years; then a mysterious group made it public, and this was one of the causes of WannaCry in 2017.

CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability

According to an advisory released by Microsoft, the flaw, dubbed ‘NSACrypt’ and tracked as CVE-2020-0601, resides in the Crypt32.dll module, which contains various ‘Certificate and Cryptographic Messaging functions’ used by the Windows CryptoAPI for handling encryption and decryption of data.
The issue lies in the way the Crypt32.dll module validates Elliptic Curve Cryptography (ECC) certificates. ECC is currently the industry standard for public-key cryptography and is used in the majority of SSL/TLS certificates.

In a press release published by the NSA, the agency explains “the certificate validation vulnerability allows an attacker to undermine how Windows verifies cryptographic trust and can enable remote code execution.”

Exploitation of the vulnerability allows attackers to abuse validation of trust between:

  • HTTPS connections
  • Signed files and emails
  • Signed executable code launched as user-mode processes

Though technical details of the flaw are not yet available to the public, Microsoft confirms that the flaw, if exploited successfully, could allow attackers to spoof digital signatures on software, tricking the operating system into installing malicious software that impersonates the identity of any legitimate software without users’ knowledge.

“A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates,” the Microsoft advisory says.

“An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious because the digital signature would appear to be from a trusted provider.”

Besides this, the flaw in CryptoAPI could also make it easy for remote man-in-the-middle attackers to impersonate websites or decrypt confidential information on user connections to the affected software.

“This vulnerability is classed Important and we have not seen it used in active attacks,” Microsoft said in a separate blog post.

“This vulnerability is one example of our partnership with the security research community where a vulnerability was privately disclosed and an update released to ensure customers were not put at risk.”

“The consequences of not patching the vulnerability are severe and widespread. Remote exploitation tools will likely be made quickly and widely available,” the NSA said.

Besides the Windows CryptoAPI spoofing vulnerability, which has been rated ‘important’ in severity, Microsoft has also patched 48 other vulnerabilities, 8 of which are critical and the remaining 40 important.

There is no mitigation or workaround available for this vulnerability, so you are strongly advised to install the latest software updates by going to Windows Settings → Update & Security → Windows Update and clicking ‘Check for updates’ on your PC.

Other Critical RCE Flaws in Windows

Two of the critical issues, tracked as CVE-2020-0609 and CVE-2020-0610, affect Windows Remote Desktop Gateway (RD Gateway) and can be exploited by unauthenticated attackers to execute malicious code on targeted systems just by sending a specially crafted request via RDP.

“This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system,” the advisory says.

One critical issue in Remote Desktop Client, tracked as CVE-2020-0611, could lead to a reverse RDP attack where a malicious server can execute arbitrary code on the computer of the connecting client.

“To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it,” the advisory says.

“An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect.”

Fortunately, none of the flaws addressed this month by Microsoft were publicly disclosed or found being exploited in the wild.

Richard Sabino, http://itspecialistdr.com
I like to share Information Technology News and how-to tips with all the people around me. I created this blog to reach the most people I can.
