I get the impression that people should perhaps pay very close attention to installing tomorrow's Microsoft Patch Tuesday updates in a timely manner. Even more so than others. I don't know... just call it a hunch? ¯\_(ツ)_/¯
-
-
So the vulnerable code isn't restricting at least some of the curve parameters to known curves, allowing for insecure curves to be used which opens the door to spoofed signatures?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Use of alternative/non-std ECC Base, can generate own private key and gen new cert, Windows would accept as valid. Allows TLS interception/modification and exe code signing. Combining both, APT groups could intercept Windows updates for target asset and update system files.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.