Sources say Microsoft on Tuesday will fix an extraordinarily scary flaw in all Windows versions, in a core cryptographic component that could be abused to spoof the source of digitally signed software. Apparently DoD & a few others got an advance patchhttps://krebsonsecurity.com/2020/01/cryptic-rumblings-ahead-of-first-2020-patch-tuesday/ …
-
-
Well that would be even more exciting! But we fixed memory corruption in 2010, I’ve heard.
-
There was a bug recently where some oddball oid allowed local privilege escalation, and I know of a few others with weird behaviour. That wouldn't be a "spoof source of digitally signed software" though, so curious if that was a quote or Brian extrapolating.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
