Experts Advise On Microsoft Issues Patch To Fix Severe Vulnerability Discovered In Windows

Brian Krebs posted a story last night about an emergency patch Microsoft sent to government agencies, branches of the US military and other organisations responsible for managing internet infrastructure. The vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles “certificate and cryptographic messaging functions in the CryptoAPI.” The Microsoft CryptoAPI provides services that enable developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

A critical vulnerability in this Windows component could have wide-ranging security implications for a number of important Windows functions, including authentication on Windows desktops and servers, the protection of sensitive data handled by Microsoft’s Internet Explorer/Edge browsers, as well as a number of third-party applications and tools.

Yonatan Striem-Amit, CTO and Co-Founder,  Cybereason
January 15, 2020
According to these rumors, the patch is so severe.
14th, as part of the first Patch Tuesday of 2020. According to these rumors, the patch is so severe that government agencies and critical internet service providers have received warning ahead of time to install and incorporate these patches. More specifically, the patches are stated to fix an issue with 'crypt32.dll.' This 'dll' hosts the functionality in Windows that handles cryptography and spe ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments

In this article