That said, I still think that the NSA only reported it because it's of absolutely no value to them whatsoever and they feel bad for EternalBlue.
Prikaži ovu nit
Deleted the tweet about the crypto bug because there's conflicting info on its scope. Some people are tweeting at me saying it's viable for TLS interception, but MS Security Portal only mentions file signature spoofing. Going to go do some digging.
-
-
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
From the portal advisory: "A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software."
-
It is weird that the official advisory is so focussed on code signing.
- Još 3 druga odgovora
Novi razgovor -
-
-
"By exploiting this vulnerability, an attacker may be able to spoof a valid X.509 certificate chain on a vulnerable Windows system. This may allow various actions including, but not limited to, interception and modification of TLS-encrypted communications"
Kraj razgovora
-
-
-
MS Security says it too, but in a convoluted way. The US-CERT advisory is more clear. Yes, affects TLS, if whatever is checking the cert (e.g., the browser) uses the vulnerable API.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
It’s interesting that ci.dll and winload.efi were not changed, even though they both have full Authenticode validation implementations.
-
Previous windows versions do too, so I’m assuming something went horribly wrong in refactoring or adding features to crypt32.dll for Windows 10. Certainly adds more fuel to the “not enough testing” argument that regularly gets thrown around about Win10 development.
Kraj razgovora
Novi razgovor -
-
-
The NSA advisory has it:https://twitter.com/panther_modern/status/1217155606785773573?s=19 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
It also mentions 'conduct man in the middle attacks and decrypt confidential information'
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.