Today, Microsoft announced a new CVE which deals with the encryption engine in Windows 10, Windows Server 2016 and 2019 Operating Systems.
This vulnerability was found by NSA researchers, so today’s “Patch Tuesday January 2020” includes a patch for this crypto vulnerability.
Use KB4534306, KB4534271, KB4534276, KB4534293, KB4534273, KB4528760 to install on your systems, otherwise, install directly via windows update, wsus or your patch management software of choice. This also includes Windows Update Catalog.
KB4534271 for server 2016
KB4534273 for server 2019
KB4534293 for Windows Server version 1803
KB4528760 for Windows Server version 1903 and 1909
The post CVE-2020-0601 | Windows Cryptoapi Spoofing Vulnerability Crypt32.dll NSA appeared first on ChannelSOC.
This post first appeared on Have You Been Compromised And Don’t Know It? Pro-actively Identify Threats That Evade Your Existing Security Controls, please read the originial post: here