• Is your system susceptible to a ChainOfFools/CurveBall CVE-2020-0601 attack?

    Posted on January 17, 2020 at 08:19 CST by Comment in the Forums

    There’s a simple SANS test to see if your particular browser, running on your particular machine, is susceptible. That doesn’t cover all possibilities, but it’s certainly indicative.

    Detailed discussion in Computerworld Woody on Windows.

    We’re still at MS-DEFCON 2. Unless your system, specifically, triggers a “You Are Vulnerable” warning in the SANS test, I recommend that you wait to patch.

    UPDATE: Some scary stuff from Benjamin Delpy, @gentlekiwi. He’s come up with a scenario where a malicious Word VBA macro can run, if you set VBA to “Disable all macros except digitally signed” and your machine has cached the Microsoft ECC Product Root Certificate Authority 2018 cert. His example requires you to manually activate the macro – but it’s still scary.

    UPDATE: Lawrence Abrams at BleepingComputer has a detailed account of various devious methods that bypass normal certificate validation, thanks to CVE-2020-0106.

    Windows Patches/Security , ,
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.