KrebsonSecurity has reported that Microsoft plans to kick off patch Tuesday by delivering a fix for a substantial cryptographic flaw present in all versions of Windows. Krebs believes the flaw lies within the crypt32.dll file, and if unpatched it could leave installations vulnerable to malware spoofing as trusted components with fake digital signatures that appear to be valid. It’s reported that Microsoft discretely shipped a patch to certain military and other high-profile organizations which were required to sign an agreement stating those who received the patch would not reveal details before today. Microsoft has since denied this claim but did agree that the flaw is present and will be patched.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.