Proof-of-concept exploits published for the Microsoft-NSA crypto bug
January 16, 2020 – 5:06 AM
Security researchers published proof-of-concept (PoC) code earlier today for exploiting a recently patched vulnerability in the Windows operating system, a vulnerability that was reported to Microsoft by the US National Security Agency (NSA).
The bug, which some have started calling CurveBall, impacts CryptoAPI (Crypt32.dll), the component that handles cryptographic operations in the Windows OS.
According to a high-level technical analysis of the bug from cyber-security researcher Tal Be’ery, “the root cause of this vulnerability is a flawed implementation of the Elliptic Curve Cryptography (ECC) within Microsoft’s code.”
According to the NSA, the DHS, and Microsoft, when exploited, this bug (tracked as CVE-2020-0601) can allow an attacker to:
- launch MitM (man-in-the-middle) attacks and intercept and fake HTTPS connections
- fake signatures for files and emails
- fake signed-executable code launched inside Windows