Microsoft has released a security update to fix a dangerous vulnerability that impact Windows 10 operating system. The bug was discovered and reported by the US National Security Agency. A spoofing vulnerability exists in the way Windows CryptoAPI validates Elliptic Curve Cryptography certificates, Microsoft said in a statement. The cryptographic component CryptoAPI has a function that allows developers to digitally sign their software, proving that the software has not been tampered with. But the bug may allow attackers to exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The company noted that the user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. Microsoft said, "The security update addresses the vulnerability by ensuring that Windows CryptoAPI completely validates ECC certificates."
- Massive black bear hit in Potter County
- Wellsboro bookstore cats inducted into Feline Historical Society
- First case of COVID-19 reported in Lycoming County; patient in home quarantine
- Woman wielded knife in Wegmans: WBPD
- Three charged with assaulting woman at her home
- Officials in Lycoming County confirm first case of COVID-19
- Burglary at Harmonia club leads to one arrest
- Lycoming County officials don't know location of coronavirus patients
- Ruby Tuesday in Williamsport permanently closed
- Lock Haven man arrested for alleged bath salts intoxication
Success! An email has been sent to with a link to confirm list signup.
Error! There was an error processing your request.