Otto background

Update Now! Windows CryptoAPI (Crypt32.dll) Spoofing Vulnerability

One of the critical vulnerabilities remedied in this month’s Patch Tuesday release, CVE-2020-0601, is getting special attention from the National Security Agency (NSA).

According to reports, the NSA discovered CVE-2020-0601 and alerted Microsoft to the problem instead of weaponizing the vulnerability.

  • CVE-2020-0601 is a Windows CryptoAPI Spoofing Vulnerability. The vulnerability exists in the way Windows CryptoAPI authenticates Elliptic Curve Cryptography certificates, and it affects Windows 10 users.

Attackers can exploit this vulnerability by using spoofed code-signing certificates to sign malicious files and make them appear to be from trusted, legitimate providers.

Users would have no way of knowing the files are malicious because the digital signatures appear to be from trusted sources. Successful exploitation can allow attackers to run man-in-the-middle attacks and decrypt confidential information.

Your Plan of Attack? Update and Patch Now!

The NSA released a statement on this month's Patch Tuesday, specifically to discuss this particular vulnerability and encourage users to patch their systems. As the NSA cautions, patching is the most effective way to mitigate the risks of this security vulnerability.

If you’ve already updated and have Automox policies in place, you should be secure. If not, we can help. Click here to learn how to create a patch policy in the Automox console.

About Automox Automated Patch Management

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-based and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-based patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Dive deeper into this topic