Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) | Daisy Corporate Services

Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)

15th January 2020

Daisy has received a notification of a vulnerability (CVE-2020-0601) that affects a number of Windows versions . The flaw exists in Microsoft’s Crypto API (crypt32.dll) which handles encryption and digital signatures. The vulnerability enables an attacker to perform a number of malicious actions against affected systems such as spoofing signed files and email. Spoofing signed executable code which can fool security software into thinking the code is safe and creating TLS certificates that look to be valid when the attacker has performed a Man In The Middle (MITM) attack.

There is now some evidence to suggest that security researchers have already been able to reproduce the vulnerability.


Affected Platforms:

Windows 10
Windows Server 2016
Windows Server 2019
Windows Server version 1803/1903/1909

Further information relating to this vulnerability is available within the links below
https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF
and
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

Daisy will deploy patches to customer systems in line with our normal patching policies for Microsoft’s monthly update cycle, for systems for which we have responsibility and where appropriate support is in place.