all InfoSec news
Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)
Help Net Security www.helpnetsecurity.com
Akamai researchers have published a PoC exploit for a critical vulnerability (CVE-2022-34689) in Windows CryptoAPI, which validates public key certificates. “An attacker could manipulate an existing public x.509 certificate to spoof their identity and perform actions such as authentication or code signing as the targeted certificate,” Microsoft said in October 2022, when they announced fixes for vulnerable Windows and Windows Server versions. The vulnerability was actually patched in August 2022, but its existence only revealed … More →
The post …
actions akamai august authentication bug certificate certificates chrome code code signing critical critical vulnerability cryptoapi cve cve-2022-34689 don't miss encryption exploit fixes hot stuff identity key microsoft october poc poc exploit public public key release researchers server signing spoof vulnerability vulnerable windows windows server