Bleeping Computer

Exploit released for critical Windows CryptoAPI spoofing bug

Proof of concept exploit code has been released by Akamai researchers for a critical Windows CryptoAPI vulnerability discovered by the NSA and U.K.'s NCSC allowing MD5-collision certificate spoofing.
Dark Reading

Researchers Pioneer PoC Exploit for NSA-Reported Bug in Windows CryptoAPI

Researchers have developed a proof-of-concept (PoC) exploit for a public x.509 certificate-spoofing vulnerability in the Windows CryptoAPI that the NSA and the National Cyber Security Center (NCSC) ...
moneycontrol.com

Windows-powered data centres still vulnerable to CryptoAPI bug, says Akamai

A bug in the Windows CryptoAPI is still unpatched on most data centre systems. Security researchers from Akamai said that the bug was discovered and fixed by Microsoft in August 2022, but 99 percent ...
Bleeping Computer

How Malware Gains Trust by Abusing the Windows CryptoAPI Flaw

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This ...
TechSpot

CryptoAPI bug makes 99% of Windows servers vulnerable

WTF?! Akamai has unveiled a new security threat to Windows-based servers and data center machines based on a dangerous bug Microsoft fixed months ago. However, it seems almost no one bothered to ...