16 votes CVE-2020-0601 - Windows CryptoAPI spoofing vulnerability Posted January 14, 2020 by Deimos Tags: security, microsoft, windows, nsa https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601 1 comment Collapse replies Expand all Comments sorted by most votes newest first order posted relevance OK Deimos (OP) January 14, 2020 (edited January 14, 2020) Link There's a ton of press today related to this vulnerability because it was discovered by the NSA and reported to Microsoft. For example: NSA found a dangerous Microsoft software flaw and alerted... There's a ton of press today related to this vulnerability because it was discovered by the NSA and reported to Microsoft. For example: NSA found a dangerous Microsoft software flaw and alerted the firm — rather than weaponize it The first information about it was published by Brian Krebs last night: Cryptic Rumblings Ahead of First 2020 Patch Tuesday This details page just went up, and hopefully we'll get some more information soon. Edit: Here's an NSA tweet with a link to a PDF (and image version of it) describing it in more detail: https://www.twitter.com/NSAGov/status/1217152211056238593 4 votes
Deimos (OP) January 14, 2020 (edited January 14, 2020) Link There's a ton of press today related to this vulnerability because it was discovered by the NSA and reported to Microsoft. For example: NSA found a dangerous Microsoft software flaw and alerted... There's a ton of press today related to this vulnerability because it was discovered by the NSA and reported to Microsoft. For example: NSA found a dangerous Microsoft software flaw and alerted the firm — rather than weaponize it The first information about it was published by Brian Krebs last night: Cryptic Rumblings Ahead of First 2020 Patch Tuesday This details page just went up, and hopefully we'll get some more information soon. Edit: Here's an NSA tweet with a link to a PDF (and image version of it) describing it in more detail: https://www.twitter.com/NSAGov/status/1217152211056238593 4 votes
There's a ton of press today related to this vulnerability because it was discovered by the NSA and reported to Microsoft. For example: NSA found a dangerous Microsoft software flaw and alerted the firm — rather than weaponize it
The first information about it was published by Brian Krebs last night: Cryptic Rumblings Ahead of First 2020 Patch Tuesday
This details page just went up, and hopefully we'll get some more information soon.
Edit: Here's an NSA tweet with a link to a PDF (and image version of it) describing it in more detail: https://www.twitter.com/NSAGov/status/1217152211056238593