Latest Windows 10 Patch Tuesday Updates Includes Fixes For Signature Verification Exploitation And Remote Desktop

The first Windows 10 Patch Tuesday update of 2020 is being referred to as one of the most important for the latest operating system from Microsoft. The company released several critical security updates as part of the Patch Tuesday that was sent out to all Windows 10 OS users this week. In all, Microsoft has addressed 49 security vulnerabilities.

Some of the most notable fixes that the patches, include securing the Windows 10 OS from errors in the way digital signatures are verified, as well as a flaw in the Remote Desktop Gateway, which could potentially allow an attacker to run arbitrary code remotely. Microsoft has strongly urged end-users as well as administrators to install or deploy the latest Patch Tuesday Update on all Windows 10 installations.

Microsoft Issues Multiple Fixes Inside First Patch Tuesday Update Of 2020:

For the first edition of Patch Tuesday of the New Year, Microsoft has reportedly addressed a total of 49 security vulnerabilities. In other words, the January 2020 Patch Tuesday delivered fixes for about 49 bugs. Eight of the bugs were rated “Critical.” Microsoft has assured that none of the vulnerabilities were being exploited in the wild. However, that doesn’t diminish the severity of the bugs, and hence, it is critical to install the updates at the earliest.

One of the most critical errors that the first patch Tuesday of 2020 from Microsoft fixes is the error in the signature verification methodology of Windows 10. The vulnerability can be potentially exploited both for code signatures and for TLS certificates. Particularly, it concerns the processing of signatures with elliptical curves. The vulnerability was discovered by the National Security Agency (NSA) and subsequently reported to Microsoft.

The flaw reportedly exists in the crypt32.dll component of Windows, which is a key piece of the operating system’s immune response. Applications, as well as the core operating system itself, use this DLL to verify and manage cryptographic digital signatures in applications, among other things. Windows and security tools can use digital signatures to validate whether an application is authorized and legitimate to run. The DLL file makes the judgment based on whether the application legitimately originated from the company that created it, as well as to encrypt or decrypt files or messages. Basically, the DLL file establishes the authenticity of an application.

TLS Certificates are quite critical for many operations in Windows 10. Hence, using the manipulated or tampered certificates, malicious coders can successfully launch a man-in-the-middle attack. Essentially, an attacker could spoof the cryptographic certificate used to sign software. This type of attack can be used to read or manipulate all traffic in and out of the Windows 10 OS computer. With a tampered DLL file, the Windows 10 machine would essentially ‘Whitelist’ any code, file or application that the attacker wants.

Another major bug that the Patch Tuesday fixes, was in the Remote Desktop Gateway. Here it was possible to execute code over the network. Incidentally, the common Remote Desktop Protocol (RDP) was not affected by the vulnerability.

Apart from a total of 8 Critical flaws, there are also weaknesses in the NET Framework, APS.NET and Internet Explorer. Updates identified as ‘Important’ can be found in Hyper-V, Index, Office, Search and Win32k, among others. Microsoft has offered a complete overview of the updates.

Tags

Alap Naik Desai


A B.Tech Plastics (UDCT) and a Windows enthusiast. Optimizing the OS, exploring software, searching and deploying solutions to strange and weird issues is Alap's main interest.
Close