CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability
Microsoft announced on its January Patch Tuesday (14/01/2020) that a new vulnerability has been identified and resolved. A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear that the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. Fortunately, this is resolved in the January 2020 cumulative patch released by Microsoft for Windows 10 and Windows Server 2016 & 2019.
Foundation IT customers have been informed of the vulnerability so that we can work with them and help co-ordinate a quick resolution. The vulnerability ID is CVE-2020-0601, and further information can be found here: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0601#ID0EGB
About the Author: Mike Starnes
Mike has worked in the IT Industry for over 20 years. If he's not talking technology, he'll be reading, playing football or trying to embarrass his daughters.