Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum


Urgent !! Windows User Urged to Patch A Critical Crypto Vulnerability on Windows 10

1 Replies, 1171 Views

In The Name Of Allah
Al-Salam Alekum

[Image: Windows-vulnerability-patch-update.jpg]

Hello guys, today windows 10 users forced to do a urgent update. Tho, Windows 10 as it is the most used system worldwide it never stops updating. Always their are more focus on top systems to explore holes.

Quote:Microsoft released a patch for this critical cryptographic vulnerability and said that the vulnerability in theĀ usermode cryptographic library, CRYPT32.DLL, that affects Windows 10 systems.
Quote:The vulnerability discovered by the National Security Agency (NSA) and confirmed that this critical bug allows an attacker to perform remote code execution on vulnerable Windows client and server.

This critical bug exploited by an attacker to undermine how Windows verifies cryptographic trust and Validate Elliptic Curve Cryptography (ECC) certificates that enable the RCE to take control of the system.

The Source

Stay Safe and Secure :_)
Wa Salam Alekum
* Thankful to Allah *
(This post was last modified: 01-15-2020, 11:11 AM by Mr.Kurd.)
This is not so critical.
The RCE which is mentioned is also not as bad as it seems, all that CVE-2020-0601 does is spoofs a sign certificate on executable so it looks like it's signed by a legit company, you still have to double-click the exe or what ever other format that executables come in.
It's the same if I have created a RAT without this exploit, a user would still need to execute it by hand.

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Update Windows 10 to patch critical vulnerability in Microsoft store games News 0 892 11-06-2020, 04:22 AM
Last Post: News
Star News Google Project Zero Discloses Nasty Windows 0-Day Security Exploit Already In The Wi News 0 945 11-01-2020, 06:12 AM
Last Post: News
Star News IoT Vulnerability Disclosure Platform Launched News 0 962 10-20-2020, 09:58 AM
Last Post: News
Star News APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elect News 0 926 10-10-2020, 07:06 AM
Last Post: News
Star News Zerologon Vulnerability Used in APT Attacks News 0 998 10-07-2020, 11:12 AM
Last Post: News
Star News Vulnerability Disclosure Programs See Signups & Payouts Surge News 0 832 09-23-2020, 12:57 PM
Last Post: News
Star News Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit News 0 936 09-21-2020, 09:26 AM
Last Post: News
Star News Can Vulnerability Scanning Replace Penetration Testing? News 0 918 08-30-2020, 02:08 AM
Last Post: News
Star News Vulnerability Volume Poised to Overwhelm Infosec Teams News 0 908 08-28-2020, 09:14 AM
Last Post: News
Star News Vulnerability Prioritization: Are You Getting It Right? News 0 1,602 08-10-2020, 07:33 PM
Last Post: News

Users browsing this thread: 1 Guest(s)