Researchers have developed a proof-of-concept (PoC) exploit for a public x.509 certificate-spoofing vulnerability in the Windows CryptoAPI that the NSA and the National Cyber Security Center (NCSC) ...

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This ...

Microsoft patched a spoofing vulnerability present in the Windows usermode cryptographic library, CRYPT32.DLL, on Windows 10, Windows Server 2016, and Windows Server 2019 systems. In a media call with ...

A bug in the Windows CryptoAPI is still unpatched on most data centre systems. Security researchers from Akamai said that the bug was discovered and fixed by Microsoft in August 2022, but 99 percent ...

I'm trying to implement decryption of data in a .Net app that was encrypted via Win32 CryptoAPI (wincrypt). A lot of it has been hit or miss for me, since I'm a native C/C++ dev that gets to play with ...