The US Cyber Security Agency (CISA) recently released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Microsoft Windows and Windows Remote Desktop Protocol (RDP). Vulnerability management can help organizations get a handle on such vulnerabilities.
Consequently, Microsoft released fixes for 50 security vulnerabilities in the Windows operating system, creating yet another scramble by IT professionals to patch their computer systems.
Part of what Microsoft fixed in the updates released was what is regarded as a major crypto-spoofing bug that affected Windows 10 users.
A key point is to realize that this particular vulnerability could allow a cyber criminal or hacker to spoof a code-signing certificate, vital to validating executable programs in Windows, and make it appear as if an application was from a trusted source.
Keep in mind that in technology terms, spoofing is defined as a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver.
To put it another way, when this vulnerability is exploited and code-signing certificates are spoofed, the operating system will find it difficult to tell the difference between malware and Microsoft software. (more…)