Threat Watch

Microsoft Planning to Patch Critical Windows Security Flaw

KrebsonSecurity has reported that Microsoft plans to kick off patch Tuesday by delivering a fix for a substantial cryptographic flaw present in all versions of Windows. Krebs believes the flaw lies within the crypt32.dll file, and if unpatched it could leave installations vulnerable to malware spoofing as trusted components with fake digital signatures that appear to be valid. It’s reported that Microsoft discretely shipped a patch to certain military and other high-profile organizations which were required to sign an agreement stating those who received the patch would not reveal details before today. Microsoft has since denied this claim but did agree that the flaw is present and will be patched.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

If customers use a Windows product or operating system that is listed in any of the patches they should download them immediately. If there are questions or concerns, users can attempt to contact Microsoft directly or seek help from another security professional regarding the vulnerabilities and patches and how they may be affected by them. The day after patch Tuesday is always a big day for cybercriminals to attempt to exploit vulnerabilities which is why it is imperative to implement these patches immediately.

Source: https://krebsonsecurity.com/2020/01/cryptic-rumblings-ahead-of-first-2020-patch-tuesday/

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support