DEV Community

Alexander Viken
Alexander Viken

Posted on

Run Windows update now!

Microsoft have released a patch through Windows Update for

  • CVE-2020-0601 - Windows doesn't properly validate X.509 certificate chains.
  • CVE-2020-0609, CVE-2020-0610 - Windows Remote Desktop Gateway (not to be confused with RDP proper) unauthenticated RCE.

Some pretty serious certificate handeling issues. If you are using Windows OS, do everyone around you a favor and run Windows Update, install the KB4528760 update and stay secure.

Microsoft fixes Windows crypto bug reported by the NSA

Discussion (1)

Collapse
artis3n profile image
Ari Kalfus

Definitely agree, it's a bad vulnerability. SwiftOnSecurity does a good job putting it into context, however. The Citrix and Netgear critical vulnerabilities from this/past week are much worse for the average person imo.

twitter.com/SwiftOnSecurity/status...