New
#1
"NSA discovers security flaw in Microsoft Windows operating system"
YouTube
Thought I would share.
Also see here A Vulnerability in the Microsoft Cryptographic Library CRYPT32.DLL Could Allow for Remote Code Execution
The article references KB4534306 and the updates here https://support.microsoft.com/en-gb/...date-kb4534306
I can't find KB4534306 on this forum. Has anyone installed the update and have any feedback?
Another post on the forum says the vulnerability was fixed in yesterday's cumulative update
Windows CryptoAPI Spoofing Vulnerability
The reported Common Vulnerability and Exposures (CVE) being referred to in above posts is:
CVE -
CVE-2020-0601
NVD - CVE-2020-0601
The above is the one that grabbed the media's attention. Yet it is only ranked as an "important" fix.
Yet to, other (8) "Black Tuesday" fixes this month have earned a "Critical" ranking but received far less publicity.
Pity.
Reference: Microsoft Patch Tuesday for January 2020