Critical Windows CryptoAPI Vulnerability demands prompt action



The release of Microsoft Patch Tuesday updates for January 2020 brought to light a critical vulnerability in Microsoft Windows CryptoAPI. Reported by the National Security Agency, the national-level intelligence agency of the USA, CVE-2020-0601 is a spoofing vulnerability in Windows systems, the exploitation of which could have widespread consequences. A good vulnerability management system can resolve these issues.

Microsoft explains that this spoofing vulnerability in Windows CryptoAPI exists due to improper validation of Elliptic Curve Cryptography (ECC) certificates. The flawed component, crypt32.dll, was added to Windows systems about twenty years ago. Vulnerability management tools can prevent these attacks.

Cryptographic Application Programming Interface (or CryptoAPI)

It helps developers secure Windows-based applications using cryptographic techniques. CryptoAPI provides the functionality for encryption and decryption in authentication mechanisms using digital certificates.

With the ever-changing situation in information security and the increasing complexity of hacking attempts, researchers are under constant pressure to come up with new methods to stay ahead of those with ill intentions. In recent years, Elliptic Curve Cryptography (ECC) has become a mainstream primitive for cryptographic protocols and applications. ECC certificates are based on Elliptic Curve Cryptography, a public-key approach whose security relies on the difficulty of finding the discrete logarithm of a random elliptic curve element. ECC provides stronger security and increased performance with shorter key lengths. Major browsers such as Chrome, Firefox, Internet Explorer and Safari, web servers such as Apache HTTP, Nginx and Apache Tomcat, and operating systems such as Microsoft Windows, Apple Mac OS and Red Hat Enterprise Linux are all known to be compatible with ECC.

The vulnerability specifically lies in how Windows verifies cryptographic trust. The flaw is in the way certificates are loaded when explicit curve parameters are specified in the provided certificates. Multiple PoCs (1, 2) released for this vulnerability show that a private key can be crafted for an existing certificate by using a generator different from the standard one and setting it in the explicit curve parameters. The CryptoAPI is tricked into matching the certificates in its cache with the generated non-standard ones.

An existing certificate has a public key $P_k$ and a private key $k$ with generator $G$:

$$k \cdot G = P_k$$

Consider a random scalar $x$. Then, for a different generator $G'$,

$$G' = x^{-1} \cdot P_k$$

The newly crafted secret key $x$ is valid for public key $P_k$ with generator $G'$:

$$x \cdot G' = x \cdot x^{-1} \cdot P_k = 1 \cdot P_k = P_k$$

This bug lies in crypt32.dll signature verification on the elliptic curve. crypt32.dll is only known to check for a matching public key and parameters, but not the generator G. The Windows CryptoAPI can thus be made to believe that this is the right private key. Exploiting this certificate validation vulnerability allows an attacker to bypass trusted network connections and deliver executable code that is presented as a legitimate and trusted file.
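The relation above can be checked on a toy curve. The following is an added example, not code from the article or from the referenced PoCs; the curve (textbook parameters, not a real named curve), the scalars, and the function names `flawed_match` and `strict_match` are assumptions chosen to contrast a public-key-only comparison with one that also pins the generator.

```python
# Toy curve with textbook parameters (assumption, not a real named curve):
# y^2 = x^3 + 2x + 2 over F_17, generator (5, 1) of prime order 19.
P_MOD, A, ORDER = 17, 2, 19
G_STD = (5, 1)

def add(p, q):
    """Add two curve points; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                      # p + (-p) = infinity
    if p == q:                           # tangent slope for doubling
        s = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:                                # chord slope for distinct points
        s = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD) % P_MOD
    x3 = (s * s - x1 - x2) % P_MOD
    return (x3, (s * (x1 - x3) - y1) % P_MOD)

def mul(k, p):
    """Double-and-add scalar multiplication k * p."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, p)
        p = add(p, p)
        k >>= 1
    return acc

def craft_generator(pk, x):
    """G' = x^-1 * Pk (inverse taken modulo the group order), so x * G' = Pk."""
    return mul(pow(x, -1, ORDER), pk)

def flawed_match(cached_pk, cert_pk, cert_gen):
    """Hypothetical check that compares the public key and ignores the generator."""
    return cached_pk == cert_pk

def strict_match(cached_pk, cert_pk, cert_gen):
    """Hypothetical hardened check: the generator must be the standard one too."""
    return cached_pk == cert_pk and cert_gen == G_STD

K = 7                                    # legitimate private key (constructed)
PK = mul(K, G_STD)                       # public key in the trusted certificate
X = 5                                    # scalar picked without knowledge of K
G_PRIME = craft_generator(PK, X)         # non-standard generator
```

Here `X * G_PRIME` equals `PK` even though `X` differs from `K`, so only the check that also compares the generator tells the two parameter sets apart.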

The NSA explains that exploits carried out in real-world scenarios involve HTTPS connections, signed files and emails, user-mode processes launching signed executable code, etc. An attacker can also conduct man-in-the-middle attacks and gain access to confidential information on user connections.


Affected Systems

  • Windows 10
  • Windows Server 2016
  • Windows Server 2019

Impact

An attacker can sign malicious executables using spoofed code-signing certificates and run them on the target machine.


Solution

Microsoft has released updates to fix the underlying vulnerability in Windows systems. It is advised to install the updates without further delay on all affected systems. Endpoints that are directly exposed to the internet and those used by privileged personnel need immediate attention in terms of patching. Endpoints hosting critical infrastructure or running Windows-based web appliances, web servers, or proxies that perform TLS validation would also be top attack surfaces and require prompt action.

Please refer to this KB Article to apply the patches using SanerNow.