CVE-2020-0601 AKA ChainOfFools
- Microsoft disclosed a vulnerability in their monthly Patch Tuesday referenced under CVE-2020-0601.
- The vulnerability was discovered by the U.S. National Security Agency, anounced today (2020-01-14) in their press conference, followed by a blog post and an official security advisory.
- The flaw is located in the "CRYPT32.DLL" file under the C:\Windows\System32\ directory.
- NSA description:
- NSA has discovered a critical vulnerability (CVE-2020-0601) affecting Microsoft Windows® cryptographic functionality.