Critical Windows Vulnerability Discovered by NSA
Yesterday's Microsoft Windows patches included a fix for a critical vulnerability in the system's crypto library. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.
That's really bad, and you should all patch your system as soon as possible. This is a zero-day vulnerability, meaning that it was not detected in the wild before the patch was released. It was discovered by security researchers. Interestingly, it was discovered by NSA security researchers, and the NSA security advisory gives a lot more information about it than the Microsoft advisory does.
Two of the critical issues affect Windows Remote Desktop Gateway (RD Gateway), tracked as CVE-2020-0609 and CVE-2020-0610, that can be exploited by unauthenticated attackers to execute malicious code on targeted systems just by sending a specially crafted request via RDP. Fortunately, none of the flaws addressed this month by Microsoft were publicly disclosed or found being exploited in the wild.