A major Microsoft crypto-spoofing bug impacting Windows 10 made waves this Patch Tuesday, particularly as the flaw was found and reported by the U.S. National Security Agency (NSA). Microsoft’s January Patch Tuesday security bulletin disclosed the “important”-severity vulnerability, which could allow an attacker to spoof a code-signing certificate, vital to validating executable programs in Windows, and make it appear as if an application was from a trusted source. Threatpost talked to Pratik Savla, senior security engineer at Venafi, about the vulnerability, whether the hype around the flaw was warranted, and what the disclosure means for the NSA. For direct download click here. [ ](http://iframe%20style=border:%20none%20src=//html5-player.libsyn.com/embed/episode/id/12754238/height/360/theme/legacy/thumbnail/yes/direction/backward/%20height=360%20width=100%%20scrolling=no%20%20allowfullscreen%20webkitallowfullscreen%20mozallowfullscreen%20oallowfullscreen%20msallowfullscreen/iframe) Also, check out our podcast microsite, where we go beyond the headlines on the latest…
govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-01-15 15:47:002020-01-15 15:47:00Podcast: NSA Reports Major Crypto-Spoofing Bug to Microsoft
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org