The January security updates include several Important and Critical security updates. As always, we recommend that customers update their systems as quickly as practical. Details for the full set of updates released today can be found in the Security Update Guide. We believe in Coordinated Vulnerability Disclosure (CVD) as proven industry best practice to address security vulnerabilities.

attackerkb 1

githubexploit 7

cvelist 1

alpinelinux 1

cve 1

checkpoint_security 1

veracode 1

exploitdb 1

msrc 2

nvd 1

krebs 2

qualysblog 6

mscve 2

osv 3

trellix 2

symantec 1

zdt 1

filippoio 1

cert 1

trendmicroblog 3

cisa_kev 1

prion 1

schneier 1

cloudfoundry 1

checkpoint_advisories 1

carbonblack 1

talosblog 2

threatpost 4

openvas 11

kaspersky 3

ics 2

thn 1

nessus 9

chrome 1

avleonov 1

rapid7blog 1

securelist 1

mskb 6

attackerkb

CVE-2020-0601, aka NSACrypt

2020-01-14 00:00:00

githubexploit

Exploit for Improper Certificate Validation in Microsoft

2020-03-03 08:49:47

Exploit for Improper Certificate Validation in Microsoft

2020-02-03 13:58:07

Exploit for Improper Certificate Validation in Microsoft

2021-01-17 11:53:28

cvelist

CVE-2020-0601

2020-01-14 23:11:20

alpinelinux

CVE-2020-0601

2020-01-14 23:15:30

cve

CVE-2020-0601

2020-01-14 23:15:30

checkpoint_security

Check Point Response to CVE-2020-0601 (CryptoAPI Spoofing Vulnerability)

2020-01-16 01:01:59

veracode

Certificate Spoofing

2020-01-30 04:08:05

exploitdb

Microsoft Windows - CryptoAPI (Crypt32.dll) Elliptic Curve Cryptography (ECC) Spoof Code-Signing Certificate

2020-01-15 00:00:00

msrc

January 2020 Security Updates: CVE-2020-0601

2020-01-14 18:01:05

January 2020 Security Updates: CVE-2020-0601

2020-01-14 08:00:00

nvd

CVE-2020-0601

2020-01-14 23:15:30

krebs

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

2020-01-13 22:17:47

Patch Tuesday, January 2020 Edition

2020-01-15 02:31:50

qualysblog

Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) – How to Detect and Remediate

2020-01-14 22:57:50

January 2020 Patch Tuesday – 50 Vulns, 8 Critical, Adobe Vulns

2020-01-14 19:34:09

Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)

2023-07-18 13:38:53

mscve

Windows CryptoAPI Spoofing Vulnerability

2020-01-14 08:00:00

Chromium Security Updates for Microsoft Edge (Chromium-Based)

2020-01-28 08:00:00

osv

CVE-2020-0601

2020-01-14 23:15:30

Certificate validation bypass on Windows in crypto/x509

2022-08-01 22:21:17

BIT-golang-2020-0601

2024-03-06 11:08:38

trellix

CurveBall – An Unimaginative Pun but a Devastating Bug

2020-06-17 00:00:00

CurveBall – An Unimaginative Pun but a Devastating Bug

2020-06-17 00:00:00

symantec

Microsoft Windows CryptoAPI CVE-2020-0601 Spoofing Vulnerability

2020-01-14 00:00:00

zdt

Microsoft Windows - CryptoAPI (Crypt32.dll) Elliptic Curve Cryptography (ECC) Spoof Code-Signing

2020-01-16 00:00:00

filippoio

Replace PGP With an HTTPS Form

2020-07-18 22:00:00

cert

Microsoft Windows CryptoAPI fails to properly validate ECC certificate chains

2020-01-14 00:00:00

trendmicroblog

This Week in Security News: February 2020 Patch Tuesday Update and Misconfigured AWS S3 Bucket Leaks 36,000 Inmate Records

2020-02-14 13:57:34

Don’t Let the Vulnera-Bullies Win. Use our free tool to see if you are patched against Vulnerability CVE-2020-0601

2020-01-17 17:40:24

This Week in Security News: Trend Micro Creates Factory Honeypot to Trap Malicious Attackers and Microsoft Leaves 250M Customer Service Records Open to the Web

2020-01-24 13:18:05

cisa_kev

Microsoft Windows CryptoAPI Spoofing Vulnerability

2021-11-03 00:00:00

prion

Spoofing

2020-01-14 23:15:00

schneier

Critical Windows Vulnerability Discovered by NSA

2020-01-15 12:38:37

cloudfoundry

CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability | Cloud Foundry

2020-01-22 00:00:00

checkpoint_advisories

Microsoft Windows CryptoAPI Spoofing (CVE-2020-0601)

2020-01-16 00:00:00

carbonblack

Using Live Query to Audit Your Environment for the Windows CryptoAPI Spoofing Vulnerability

2020-01-17 16:00:29

talosblog

Threat Source newsletter (Jan. 16, 2019)

2020-01-23 07:27:43

Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage

2020-01-17 10:14:27

threatpost

PoC Exploits Published For Microsoft Crypto Bug

2020-01-16 16:05:57

Microsoft Patches ‘Major’ Crypto Spoofing Bug

2020-01-14 20:32:30

Oracle Ties Previous All-Time Patch High with January Updates

2020-01-14 23:43:10

openvas

Google Chrome Security Update (stable-channel-update-for-desktop_16-2020-01) - Mac OS X

2020-01-17 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2731)

2022-11-14 00:00:00

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2766)

2022-11-14 00:00:00

kaspersky

KLA11647 Multiple vulnerabilities in Google Chrome

2020-01-16 00:00:00

KLA11720 Multiple vulnerabilities in Opera

2020-01-22 00:00:00

KLA11639 Multiple vulnerabilities in Microsoft Windows

2020-01-14 00:00:00

ics

Critical Vulnerabilities in Microsoft Windows Operating Systems

2020-01-14 12:00:00

Potential for China Cyber Response to Heightened U.S.–China Tensions

2020-10-20 12:00:00

thn

Update Windows 10 Immediately to Patch a Flaw Discovered by the NSA

2020-01-14 18:40:00

nessus

Microsoft Edge (Chromium) < 79.0.309.68 Multiple Vulnerabilities

2020-07-07 00:00:00

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2731)

2022-11-14 00:00:00

EulerOS 2.0 SP9 : golang (EulerOS-SA-2022-2766)

2022-11-14 00:00:00

chrome

Stable Channel Update for Desktop

2020-01-16 00:00:00

avleonov

Big Microsoft day: EOL for Win7, Win2008 and crypt32.dll

2020-01-14 18:02:20

rapid7blog

Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year

2020-10-29 13:59:06

securelist

IT threat evolution Q1 2020. Statistics

2020-05-20 10:00:43

mskb

January 14, 2020—KB4534306 (OS Build 10240.18453)

2020-01-14 08:00:00

January 14, 2020—KB4528760 (OS Builds 18362.592 and 18363.592) - EXPIRED

2020-01-14 08:00:00

January 14, 2020—KB4534273 (OS Build 17763.973)

2020-01-14 08:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

EPSS

0.97

Percentile

99.8%

JSON

Related for MSRC:3C44F45306F0FE6224680D95AD131E84