Security alert: vulnerabilities within Windows discovered

Security Alert 1: Security breach in Crypt32.dll

Qualification: Important
Microsoft reference: CVE-2020-0601

Crypt32.dll is a part of Windows that validates certificates. The vulnerability in Crypt32.dll makes it possible to forge Elliptic Curve Cryptography, or ecc certificates (spoofing). A hacker can abuse the vulnerability to, for example, get an infected executable on a system (Ransomware).

Who or what is vulnerable?

All systems with Windows 10, Windows Server 2016 and 2019.

Doing what?

1. In a Managed Services environment without Desktop Management:

Servers are patched. Reboot will still be necessary. not to disrupt daily operations, we don't do this automatically. For this we ask for an explicit approval (support@vanroey.be).

As an administrator it is important that you update all clients (desktops, notebooks, tablets, …) as soon as possible.

2. In a Managed Services environment with Desktop Management:

Servers and clients are patched. Reboot remains necessary. Again we ask explicit approval in order not to disrupt the daily operational operation (support@vanroey.be).

3. Without Managed Services:

It is extremely important to provide servers and clients with this update as soon as possible. If you would like assistance with this, you can contact us by phone (+32 14 47 06 05) or e-mail (business@vanroey.be).

Security Alert 2: Security hole in Windows RDP Gateway Server and Remote Desktop Client

Qualification: Important
Microsoft reference: CVE-2020-0609, CVE-2020-0610 en CVE-2020-0612

Microsoft has fixed multiple vulnerabilities in Windows RDP Gateway Server and Windows Remote Desktop Client, and a malicious party can potentially exploit the vulnerabilities to execute random code, obtain sensitive data, or launch a Denial-of-Service (DoS) attack.