This Vulnerability will affect all the version of Windows past decades, 20 years.
Microsoft will soon release a patch on 14 Jan 2020 for this extremely Dangerous Vulnerability in a Windows module called crypt32.dll. This crypt32.dll is responsible for certificates and it is also responsible for exchange of encrypted messages in the Windows Crypto API. This API helps developers encryption and decryption of data using digital certificates. This flaw can be misused by malware writer and even ransomware writer in spoofing digital certificates and the malware will appear as a benign program.
According to KrebsOnSecurity portal, Microsoft has already shared the patch with the defense organizations and the country wide critical infrastructures. According to International Institute of Cyber Security, this vulnerability poses a serious threat on the important Windows functions:
- Windows Authentication on desktop and servers
- Confidential data retained by Microsoft Internet Explorer and Edge browsers
- and third-party applications.
This vulnerability is present in Windows from decades, starting Windows NT. Microsoft will release a patch on Tuesday and possibly some more information regarding the vulnerability.
The post Microsoft will fix most dangerous vulnerability in Windows appeared first on Information Security Newspaper.