cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Hello,

Microsoft just released a patch to address CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability. The description states "A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates."

My question is, does ENS 10.6.1 offer any protection for these types of vulnerabilities and specifically for the vulnerability associated with this CVE article?

Thank you.

 

2 Solutions

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Hi @Glenn_Bolton 

Please subscribe to https://kc.mcafee.com/corporate/index?page=content&id=KB92322 for all official communication.

 

McAfee is aware of the recent Windows CryptoAPI Spoofing vulnerability (CVE-2020-0601). We have technology in development to detect the vulnerability and are currently conducting rigorous quality assurance and efficacy testing.  

We strongly advise rapid deployment of the Microsoft patches released on January 14. McAfee products are compatible with all updates released in the January Patch Tuesday update.

 

View solution in original post

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 7

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Hi @cybercop 

We have created a generic detection (CVE-2020-0601!) . It is already merged in DAT source and will be fully released in 3 days if we do not find any false positive incident.

This ED can be deployed to both VSE and ENS. 
We strongly recommend to test this ED in smaller group of machines before deploying to entire organization. 


If there is any False positive you have, please reach out to our Support team.

How to apply the Extra DAT:
1. Extract the Extra.ZIP file. 
2. Follow the article 
https://docs.mcafee.com/bundle/endpoint-security-10.5.0-threat-prevention-product-guide-epolicy-orch... to deploy it from EPO.
 

The article will be updated shortly.

View solution in original post

6 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 7

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Hi @Glenn_Bolton 

Please subscribe to https://kc.mcafee.com/corporate/index?page=content&id=KB92322 for all official communication.

 

McAfee is aware of the recent Windows CryptoAPI Spoofing vulnerability (CVE-2020-0601). We have technology in development to detect the vulnerability and are currently conducting rigorous quality assurance and efficacy testing.  

We strongly advise rapid deployment of the Microsoft patches released on January 14. McAfee products are compatible with all updates released in the January Patch Tuesday update.

 

View solution in original post

Highlighted

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Thank you..will do.

Highlighted

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Have you got timescales for 10.6/10.7 offering protection from CVE-2020-0601 (Defender already does..) Whilst the advice of ensuring the updates are applied is good practise, no updating process is 100%. We are an extremely large organisation and we are happy if we can get 90% coverage. Defence in depth is essential to us as if the updates don't get through then the last line of Defence we have is ENS ATP....

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 7

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Hi @cybercop 

We have created a generic detection (CVE-2020-0601!) . It is already merged in DAT source and will be fully released in 3 days if we do not find any false positive incident.

This ED can be deployed to both VSE and ENS. 
We strongly recommend to test this ED in smaller group of machines before deploying to entire organization. 


If there is any False positive you have, please reach out to our Support team.

How to apply the Extra DAT:
1. Extract the Extra.ZIP file. 
2. Follow the article 
https://docs.mcafee.com/bundle/endpoint-security-10.5.0-threat-prevention-product-guide-epolicy-orch... to deploy it from EPO.
 

The article will be updated shortly.

View solution in original post

Highlighted

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution
McAfee is doing a great job of responding to these types of issues very quickly. Nicely done. I would like to post a separate notice re: the current Zero Day issue. I believe that Microsoft has not released a patch and may not until February..It's nice to know that Microsoft takes security seriously. Thank you McAfee Team.
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 7

Re: CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability

Jump to solution

Hi @Glenn_Bolton,

I am not involved in this thread, but I am certainly very happy representing McAfee on listening to such words. This is great feedback that should be passed along to the team who work on these and I will ensure it is heard! Thanks!

Also, the latest update is that as per the below Link, Microsoft has thankfully addressed this Vulnerability with a patch fro their end!

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601

Cheers!

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community