WINDOWS CRYPTOAPI VULNERABILITY
Priority: High Executive Summary: Microsoft’s latest Patch Tuesday includes a fix to address a vulnerability in Windows CryptoAPI, specifically in crypt32.dll, which implements “Certificate and Cryptographic messaging functions in the CryptoAPI”. This would allow an attacker to spoof a code-signing certificate, enabling them to sign malicious executables, masquerade as legitimate websites and perform man-in-the-middle attacks […]