https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

patching

Microsoft Patches NSA-Discovered Windows Vulnerability

  • Written by Karen D. Schwartz
  • January 17, 2020
Businesses should apply the patch right away to avoid exposure to malware.

From IT Pro Today

If there’s anything IT professionals have learned over and over again, it’s to apply all security patches as soon as they become available.

That lesson was reinforced in a big way earlier this week when researchers at the National Security Agency discovered a way to exploit a Microsoft Windows vulnerability. More specifically, the Windows CryptoAPI, which is used to process digital certificates that attest to the validity of software via code signing, was found to have a vulnerability that could allow an attacker to craft a certificate that appears to be able to be traced to a trusted root certificate authority.

By exploiting this vulnerability, an attacker may be able to spoof a valid X.509 certificate chain on a vulnerable Windows system. This may allow various actions such as interception and modification of TLS-encrypted communications or spoofing an Authenticode signature. The vulnerability also could leave organizations exposed to possible spoofing of websites as well as software.

What makes the Windows vulnerability notable is the potential to exploit a foundational security technology that Microsoft Windows employs to determine whether an application is trustworthy, said ESG senior analyst Doug Cahill.

ESG's Doug Cahill

ESG’s Doug Cahill

“By gaming the digital cert verification via an API, cyber-adversaries can introduce malware that is then considered legitimate and trusted,” he said.

Microsoft Quickly Patches Flaw

Once Microsoft was alerted to the Windows vulnerability, it immediately issued a patch. While most companies have undoubtedly applied it, others may be behind the curve.

That’s a bad idea, said Scott Crawford, a research vice president at 451 Research; failure to patch vulnerable systems means a system may not be able to determine when an attacker has tried to use an invalid certificate to fraudulently “prove” the legitimacy of software in order to spoof legitimate software. This type of vulnerability can be used to get malicious software onto target machines or displace legitimate functionality with malicious software capability, he said.

While it might seem odd that a major vendor like Microsoft could miss something like this, it’s not all that uncommon.

451 Research's Scott Crawford

451 Research’s Scott Crawford

“Cryptography can be very complex to implement and thus presents opportunities for attackers,” Crawford said. “This is one reason why pros will encourage developers not to develop their own cryptography functions, since specialists will focus on these issues and help assure their security when problems are discovered. So in this case, it’s actually good that a company like Microsoft is involved, since it has the resources to respond quickly and effectively.”

In addition to applying the patch immediately if they haven’t done so already, companies should maintain good software update practices, Crawford said.

It’s also a good idea to use endpoint security software designed to detect advanced malware with a combination of pre-execution and runtime detection techniques, Cahill added.

Ambuj Kumar, CEO of security vendor Fortanix, warns that vulnerabilities in cryptographic APIs may continue to arise. To protect themselves, businesses should always maintain best practices in security, including rotating certificates frequently and building defense in depth and layers of security, he said.

Tags: Agents MSPs Security Technologies

Most Recent


  • Break-Up Cookie
    CompTIA Research: Partner-Vendor Relationships Can Make or Break
    Relationships seem to be strong and growing, amid a changing landscape and increasing expectations.
  • future
    Partners ‘Not Wholly Optimistic’ About Avaya’s Future
    One analyst said the business still has value.
  • stack
    Cisco Quarterly Results Tease Light at End of Supply Chain Tunnel
    Cisco recorded a record high for product orders and backlog in fiscal year Q4.
  • Security Sales
    Google Cloud Taps Nutanix CRO to Lead Global Cybersecurity Sales
    Google Cloud is close to completing its acquisition of Mandiant.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • AI, IoT and 5G converge
    5G for Enhanced Mobile Broadband is Here
  • Nation-State Cyberattack
    U.S., Companies 'Absolutely Not' Prepared for Nation-State Cyberattacks
  • Microsoft Teams app
    Microsoft Primes Partners to Build Next Wave of Teams Collaborative Apps
  • Business growth chart
    8x8 Signs Sandler Partners as Partner Earnings Jump 38%

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

New Products, Services: AWS, Windstream, Microsoft, TD Synnex, More

August 17, 2022

New Okta Channel Leader: Partners Crucial to Go-to-Market, Expansion

August 16, 2022

Lumen Channel Leaders Talk Program Evolution, C-Suite Sponsorship, TSD Consolidation

August 15, 2022

Industry Perspectives

View all

How to Take Shared Responsibility for Securing Cloud

August 11, 2022

Seize the Application Modernization Opportunity

August 2, 2022

A Growth Mindset: Your Organization’s Strategic Differentiator

August 1, 2022

Webinars

View all

Outsmarting RaaS: Implementation Strategies To Help Your Clients Before, During, and After a Ransomware Attack

August 23, 2022

Why it is Important to Upgrade Aging Servers and How to use Live Optics to Upgrade Efficiently

August 25, 2022

Executives at Home are Not Alright: An Intro to Digital Executive Protection

September 8, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

ThreatLocker Preaches Zero Trust, Addresses Industry Competition

Microsoft Targeting Partners to Sell Teams, Windows 365 to SMBs, More

August 15, 2022

ScienceLogic Debuts New Partner Portal

August 9, 2022

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

June 27, 2022

Twitter

ChannelFutures

Good partnerships can make or break a relationship. New @CompTIAConnect research dives into vendor/partner fits.… twitter.com/i/web/status/1…

August 17, 2022
ChannelFutures

.@googlecloud hires former @nutanix CRO to lead global #cybersecurity sales. dlvr.it/SWpL9s https://t.co/XqbhNGgjI7

August 17, 2022
ChannelFutures

Our new services roundup features @ConcentricSF, @WIN_Partners, @CatoNetworks, @Nextiva, @dandh and other vendors a… twitter.com/i/web/status/1…

August 17, 2022
ChannelFutures

MSP Summit, Channel Partners Leadership Summit, and Women's Leadership Summit will cover four key areas of content… twitter.com/i/web/status/1…

August 17, 2022
ChannelFutures

Navigating the #cloudmarketplace world isn’t so easy. @IngramCloud has a new program to help VARs, #MSPs solidify t… twitter.com/i/web/status/1…

August 17, 2022
ChannelFutures

.@Veracode rolls out enhanced #partnerprogram. #cybersecurity dlvr.it/SWlCV5 https://t.co/oKywsXCfKb

August 16, 2022
ChannelFutures

.@GoTo has launched an IT helpdesk functionality within its GoTo Connect UCaaS product without passing on the cost… twitter.com/i/web/status/1…

August 16, 2022
ChannelFutures

Q&A with @okta's new channel chief @baynotebBill. #cybersecurity dlvr.it/SWl9Gn https://t.co/rnUWw7pY82

August 16, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X