Vulnerability was found in the Windows® CryptoAPI

Microsoft announced that the procedure for checking ECC x.509 certificates in Windows® contains a critical vulnerability. Patches have been released for all supported versions of Windows®.

The vulnerability was revealed on 14 January. It is associated with Windows® CryptoAPI and makes it possible to create spoofed TLS and Code Signing certificates. At the moment, no cases of exploitation of this vulnerability by cybercriminals are known. However, the vulnerability is critical and requires immediate action.

Microsoft recommends that users with Windows® 10, Windows® Server 2016, and Windows® Server 2019 upgrade as quickly as possible.

We strongly recommend that you immediately install patches on all Windows® systems you use on your GPU-servers.

A set of security updates is available at: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601.

When starting new servers with Windows®, all patches are already installed.

Subscribe to our pages on social networks to keep up-to-date with all the latest news.