Microsoft will fix most dangerous vulnerability in Windows

This vulnerability will affect all the version of Windows past decades, 20 years.

Microsoft will soon release a patch on 14 Jan 2020 for this extremely dangerous vulnerability in a Windows module called crypt32.dll. This crypt32.dll is responsible for certificates and it is also responsible for exchange of encrypted messages in the Windows Crypto API. This API helps developers encryption and decryption of data using digital certificates. This flaw can be misused by malware writer and even ransomware writer in spoofing digital certificates and the malware will appear as a benign program.

CRYPT32.dll has Most dangerous vulnerability in Windows
CRYPT32.dll has Most dangerous vulnerability in Windows

According to KrebsOnSecurity portal, Microsoft has already shared the patch with the defense organizations and the country wide critical infrastructures. According to International Institute of Cyber Security, this vulnerability poses a serious threat on the important Windows functions:

  • Windows Authentication on desktop and servers
  • Confidential data retained by Microsoft Internet Explorer and Edge browsers
  • and third-party applications.

This vulnerability is present in Windows from decades, starting Windows NT. Microsoft will release a patch on Tuesday and possibly some more information regarding the vulnerability.