Proof-of-concept exploits published for the Microsoft-NSA crypto bug


Security researchers published proof-of-concept (PoC) code earlier today for exploiting a recently patched vulnerability in the Windows operating system, a vulnerability that was reported to Microsoft by the US National Security Agency (NSA).

The bug, which some have started calling CurveBall, impacts CryptoAPI (Crypt32.dll), the component that handles cryptographic operations in the Windows OS.

According to a high-level technical analysis of the bug from cyber-security researcher Tal Be’ery, “the root cause of this vulnerability is a flawed implementation of the Elliptic Curve Cryptography (ECC) within Microsoft’s code.”

According to the NSA, the DHS, and Microsoft, when exploited, this bug (tracked as CVE-2020-0601) can allow an attacker to:

  • launch MitM (man-in-the-middle) attacks and intercept and fake HTTPS connections
  • fake signatures for files and emails
  • fake signed-executable code launched inside Windows

Experts: “seriously, seriously bad”

Speaking on Twitter, Acting Homeland Security Advisor Rob Joyce described the bug as “seriously, seriously bad.”

US authorities reacted to the vulnerability very openly and proactively. The NSA released a rare security alert about the bug, and the DHS’ CISA department issued an emergency directive, giving government agencies ten days to patch systems by applying the January 2020 Microsoft Patch Tuesday updates.

This is the first time the NSA reported a bug to Microsoft. One might say the agency is on a press tour to improve its image in the cyber-security community after the EternalBlue and Shadow Brokers disasters, when NSA-developed hacking tools were leaked online and used for some of the biggest malware infections and cyber-attacks known to date.

However, the vulnerability’s severity cannot be downplayed by the NSA’s attempt to “turn a new leaf” with the infosec community.

Astute and experienced security experts and cryptographers like Thomas Ptacek and Kenneth White have confirmed the vulnerability’s severity and wide impact — although it does not impact the Windows Update mechanism, which would have allowed a threat actor to fake Windows updates.

PoC exploits released online

In a blog post on Tuesday, White said he was aware that some people were days away from coming up with a working exploit for the CurveBall vulnerability.

The first to come up with one was Saleem Rashid, who created proof-of-concept code to fake TLS certificates and allow sites to pose as legitimate ones.

Rashid didn’t publish his code, but others did, hours later. The first public CurveBall exploit came from Kudelski Security, followed by a second one from a Danish security researcher going by the name of Ollypwn.

In its official security advisory for CVE-2020-0601, Microsoft described the chance of threat actors exploiting the bug as “more likely.” With public demo code available, the chances of exploitation are now also ensured.

The good news in all of this is that even if users haven’t had time to install the patches, Windows Defender has received updates to at least detect active exploitation attempts and warn users. According to Microsoft, this vulnerability impacts Windows 10, Windows Server 2019, and Windows Server 2016 OS versions.
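A defender-side triage check in the same spirit as the detection mentioned above, added here as an example (it is not Windows Defender's logic and not code from the article or the researchers it names): spoofed CurveBall certificates describe their elliptic curve with explicit parameters instead of a named-curve OID, so the sketch flags any EC key in a DER blob that is not identified by a named curve. The function names and the sample fragments are assumptions constructed for illustration, and a hit is a reason to review the certificate, not proof of exploitation.

```python
"""Flag EC public keys whose curve is given as explicit parameters (heuristic)."""

# DER encoding of OID 1.2.840.10045.2.1 (id-ecPublicKey), tag and length included
EC_PUBLIC_KEY = bytes.fromhex("06072a8648ce3d0201")
# Tag of the parameters field that follows it (ECParameters CHOICE, RFC 5480)
KINDS = {0x06: "named-curve", 0x05: "implicit-curve", 0x30: "explicit-parameters"}


def der_length(buf, pos):
    """Decode the DER length at buf[pos]; return (length, offset of the value)."""
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    n = first & 0x7F
    if n == 0 or pos + 1 + n > len(buf):
        raise ValueError("unsupported or truncated DER length")
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n


def ec_parameter_kinds(der):
    """Classify the curve parameters of every EC key found in a DER blob."""
    kinds, pos = [], der.find(EC_PUBLIC_KEY)
    while pos != -1:
        tag_at = pos + len(EC_PUBLIC_KEY)
        try:
            length, value_at = der_length(der, tag_at + 1)
            fits = value_at + length <= len(der)
        except (IndexError, ValueError):
            fits = False
        kinds.append(KINDS.get(der[tag_at], "unknown") if fits else "malformed")
        pos = der.find(EC_PUBLIC_KEY, tag_at)
    return kinds


def needs_review(der):
    """True when any EC key is not identified by a named-curve OID."""
    return any(kind != "named-curve" for kind in ec_parameter_kinds(der))


def tlv(tag, value):
    """Build a short DER element; used only for the constructed samples below."""
    assert len(value) < 0x80
    return bytes([tag, len(value)]) + value


# Constructed AlgorithmIdentifier fragments, not real certificates.
NAMED = tlv(0x30, EC_PUBLIC_KEY + tlv(0x06, bytes.fromhex("2a8648ce3d030107")))  # prime256v1
EXPLICIT = tlv(0x30, EC_PUBLIC_KEY + tlv(0x30, tlv(0x02, b"\x01")))  # version 1, rest omitted
```

To triage a real certificate, pass its DER bytes (not PEM text) to `needs_review`; the byte search is a heuristic and can match the OID pattern inside unrelated data.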

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.
