Now Akamai has published proof-of-concept (PoC) code that shows how exploitation works, employing an old version of the Chrome web browser (v48) which uses CryptoAPI to check certificate legitimacy.

I'm trying to implement decryption of data in a .Net app that was encrypted via Win32 CryptoAPI (wincrypt). A lot of it has been hit or miss for me, since I'm a native C/C++ dev that gets to play ...

On Jan 14. @Microsoft addressed a critical flaw discovered by the #NSA in the #Windows10, Windows Server 2016 and 2019 versions of crypt32.dll, the library implementing Windows' CryptoAPI.

In 2022, the National Security Agency, in conjunction with the U.K’s National Cyber Security Centre, reported a critical vulnerability in the Windows CryptoAPI to Microsoft. While this was ...

Time to Patch Anne Neuberger CERT Coordination Center CERT-CC crypt32.dll microsoft Microsoft CryptoAPI national security agency nsa Patch Tuesday January 2020 Will Dormann windows ...

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This ...

A bug in the Windows CryptoAPI is still unpatched on most data centre systems. Security researchers from Akamai said that the bug was discovered and fixed by Microsoft in August 2022, but 99 ...

The CVE-2020-0601 bug The vulnerability, tracked as CVE-2020-0601, impacts the Windows CryptoAPI, a core component of the Windows operating system that handles cryptographic operations.

Time to Patch Anne Neuberger CERT Coordination Center CERT-CC crypt32.dll microsoft Microsoft CryptoAPI national security agency nsa Patch Tuesday January 2020 Will Dormann windows Post navigation ...