SECURITY ALERTS

Multiple Vulnerabilities (CVE-2020-0601, CVE-2020-0609, CVE-2020-0610 and CVE-2020-0611) in Microsoft Windows Operating System

DESCRIPTION:

1. Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601)

This vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a forged code-signing certificate to sign a malicious executable file, making it appear that the file came from a trusted, legitimate source. The system or user would have no way of knowing the file was not legitimate because the digital signature would appear to be from a trusted provider. Successful exploitation of this vulnerability could also allow an attacker to conduct man-in-the-middle attacks.

2. Windows Remote Desktop Protocol (RDP) Vulnerabilities (CVE-2020-0609, CVE-2020-0610 and CVE-2020-0611)

(1) CVE-2020-0609, CVE-2020-0610

These two vulnerabilities exist in the Windows RDP Gateway Server and are triggered when an unauthenticated attacker connects to the target system via RDP and sends specially crafted requests. Both are pre-authentication vulnerabilities and require no user interaction. Successful exploitation could allow an attacker to execute arbitrary code on the target system.

(2) CVE-2020-0611

This vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server.

 

AFFECTED RELEASES:

CVE-2020-0601:

• Microsoft Windows 10 (32 and 64 bit)

• Microsoft Windows Server 2016

• Microsoft Windows Server 2019

 

CVE-2020-0609, CVE-2020-0610:

• Microsoft Windows Server 2012

• Microsoft Windows Server 2016

• Microsoft Windows Server 2019

 

CVE-2020-0611:

• Microsoft Windows 7 (32 and 64 bit)

• Microsoft Windows 8.1 (32 and 64 bit)

• Microsoft Windows 10 (32 and 64 bit)

• Microsoft Windows Server 2008

• Microsoft Windows Server 2012

• Microsoft Windows Server 2016

• Microsoft Windows Server 2019


SOLUTION:

Users and system administrators of affected versions are advised to apply the security updates immediately.

1. CVE-2020-0601

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Jan

2. CVE-2020-0609, CVE-2020-0610 and CVE-2020-0611

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0609

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0610

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0611

 

REFERENCE:

1. https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Jan

2. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0609

3. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0610

4. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0611

5. https://www.csa.gov.sg/singcert/advisories/advisory-on-critical-vulnerabilities-in-microsoft-windows-operating-system

6. https://thehackernews.com/2020/01/warning-quickly-patch-new-critical.html

7. https://www.ithome.com.tw/news/135366
