These critical updates have been highlighted in security bulletins and in an NSA alert regarding severe vulnerabilities affecting Windows cryptographic functionality.

WHAT TO KNOW AND WHAT TO DO?

These vulnerabilities affecting Windows cryptographic functionality are fixed in the latest Patch Tuesday patches for Microsoft Windows. Exploitation of the vulnerability allows attackers to defeat trusted network connections and deliver executable code while appearing as legitimately trusted entities (HTTPS connections, signed files and emails, signed executable code launched as user-mode processes).

 

Two of them are particularly critical:

 

CVE-2020-0601: Vulnerability in the CryptoAPI DLL allowing the certification of malicious binaries (link CERT-FR).

  • Who is concerned: Anybody or any company with the following Windows systems.
  • Impacted systems: Microsoft Windows 10, Windows Server 2016, Windows Server 2019.
  • Remediation: It is strongly recommended to apply the update patches for this CVE (link Microsoft portal).

CVE-2020-0610: Vulnerability affecting the Windows RDP service allowing an attacker to execute arbitrary code on the Windows client without necessarily needing to authenticate to it (link CERT-FR).

  • Who is concerned: Anybody or any company with the following Windows systems.
  • Impacted systems: Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019
  • Remediation: It is strongly recommended to apply the update patches for this CVE (link Microsoft portal).

 

OUR RECOMMENDATIONS

It is strongly recommended to apply the available corrective patches as soon as possible, prioritizing Windows-based appliances, web servers and proxies that perform TLS validation, as well as endpoints that host critical infrastructure (e.g. domain controllers, DNS servers, update servers, VPN servers, IPSec negotiation).

If your Windows machines are regularly updated (WSUS), please check that they have received the security patches dated 01/14/2020. Otherwise, please download and install the Microsoft Windows patches as soon as possible.

AntemetA Cybersecurity team
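One way to carry out the check recommended above across several machines, as an added example (not part of the original bulletin or of any AntemetA or Microsoft tooling). The host names are constructed placeholders, and "a security update installed on or after 01/14/2020" is a heuristic: confirm the exact update for each OS build on the Microsoft advisory pages listed under MORE INFORMATION.

```powershell
# Added example: report, per host, whether a security update was installed on or
# after the 01/14/2020 patch date named in the bulletin.
$PatchDate = [datetime]'2020-01-14'         # casts are parsed culture-invariantly
$Computers = @('DC01', 'WEB01', 'VPN01')    # constructed placeholder host names

function Get-PatchStatus {
    param(
        [Parameter(Mandatory)][string[]]$ComputerName,
        [Parameter(Mandatory)][datetime]$Since
    )
    foreach ($name in $ComputerName) {
        try {
            # Get-HotFix reads Win32_QuickFixEngineering; InstalledOn can be empty
            # on some systems, so entries without a date are ignored.
            $recent = @(Get-HotFix -ComputerName $name -ErrorAction Stop |
                Where-Object { $_.Description -eq 'Security Update' -and
                               $_.InstalledOn -and $_.InstalledOn -ge $Since } |
                Sort-Object InstalledOn)
            [pscustomobject]@{
                ComputerName = $name
                Reachable    = $true
                Patched      = $recent.Count -gt 0
                LatestUpdate = if ($recent.Count) { $recent[-1].InstalledOn } else { $null }
                HotFixIds    = $recent.HotFixID -join ','
                Error        = $null
            }
        }
        catch {
            # Unreachable host or access denied: report it rather than skip it,
            # so an unverified machine is never mistaken for a patched one.
            [pscustomobject]@{
                ComputerName = $name
                Reachable    = $false
                Patched      = $null
                LatestUpdate = $null
                HotFixIds    = ''
                Error        = $_.Exception.Message
            }
        }
    }
}

# Unverified and unpatched hosts sort first.
Get-PatchStatus -ComputerName $Computers -Since $PatchDate |
    Sort-Object Patched, ComputerName |
    Format-Table -AutoSize
```

Run it with an account that has remote WMI rights on the targets, and list the priority systems named in the recommendations first (TLS-validating proxies and web servers, domain controllers, DNS, update and VPN servers).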

 


 

MORE INFORMATION

Microsoft web pages:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
https://portal.msrc.microsoft.com/fr-FR/security-guidance/advisory/CVE-2020-0610
NSA Advisory:
https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF
CERT-FR Security bulletins:
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2020-ALE-004/
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2020-ALE-005/
Brian Krebs blogs:
https://krebsonsecurity.com/2020/01/patch-tuesday-january-2020-edition/
