ePrivacy and GPDR Cookie Consent by Cookie Consent
CVE-2020-0601, Are You Vulnerable? – IT Security Guru – Digitalmunition




News James Fisher and Son “No indication” data lost during cyber attack

Published on January 17th, 2020 📆 | 3462 Views ⚑

0

CVE-2020-0601, Are You Vulnerable? – IT Security Guru

What is it?

A man-in-the-middle/spoofing vulnerability exists in Windows 10, Windows Server 2016/2019 – when an authenticated attacker is on the target system, they can use a spoofed code-signing certificate to sign malicious executables making the file appear as if it’s from a trusted source. This vulnerability is post-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could conduct man-in-the-middle attacks and decrypt encrypted traffic such as traffic sent over the encrypted protocol of HTTPS. To exploit this vulnerability, an attacker would need to be authenticated to the device.

Should I be worried? 
You may be vulnerable if you have unpatched Windows machines running Windows 10 or Windows Server 2016/2019.

What do I need to do?

Currently, there is no safe PoC for testing assets. Once a PoC is developed or available in the wild, Edgescan clients will be notified as soon as possible, if they are vulnerable.

You should also check your patching as per for Windows 10 or Windows Server 2016/2019:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

Here for CVE advisory:

https://nvd.nist.gov/vuln/detail/CVE-2020-0601

Here for the NSA advisory:

https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF

 

This content was originally published by edgescan: https://www.edgescan.com/cve-2020-0601-security-advice-from-edgescan?utm_content=112591434&utm_medium=social&utm_source=linkedin&hss_channel=lcp-2928425

 

FacebookLinkedIn

Source link

Tagged with:



Leave a Reply

Your email address will not be published. Required fields are marked *


loading...