Windows CryptoAPI Spoofing "Curveball" Vulnerability
CryptoAPI System Architecture - Win32 apps | Microsoft Docs Applications use functions in all of these areas. These functions, taken together, make up CryptoAPI. The base cryptographic functions use the CSPs for the necessary cryptographic algorithms and for the generation and secure storage of cryptographic keys.. Two different kinds of cryptographic keys are used: session keys, which are used for a single encryption/decryption, and public/private key Download CAPIMON (CAPIMON.exe) from Official Microsoft Oct 23, 2019
Jan 14, 2020
The CryptoAPI spoofing vulnerability was reported to Microsoft by the US National Security Agency, following which a fix was rolled out. Microsoft has released a security patch for a serious security flaw affecting Windows 10 operating system. The vulnerability was found in CryptoAPI, which is around two decades old Windows cryptographic component that validates ECC certificates. Implementing custom CryptoAPI-Cryptographic Service Created a DLL (custom CSP) which is exposing the CryptoAPI entry function in DLL. Custom CSP dll file was signed using Microsoft Code Signing Certificate. We made the appropriate changes in registry settings to add custom CSP and placed the dll in /windows32/ folder.
Jan 14, 2020
Jan 14, 2020