01455 247 830
07897 001 247
Back to news

Microsoft Urgent Advisory

Microsoft have released an urgent advisory to install all of the latest security updates to Windows 10, Windows Server 2016 and Windows Server 2019, due to a vulnerability that could allow a spoofed secure connection to a website to appear genuine.

Microsoft have said:

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.

An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.

A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software.

The security update addresses the vulnerability by ensuring that Windows CryptoAPI completely validates ECC certificates.

Please ensure you have installed all Windows updates on all business and personal devices.

To remove the headache of manual updates and to implement automatic management of your Windows updates please speak to your account manager to see how IT3000 can help.

For more information call us on 01455 247 830 or 01202 830 830
or email your account manager.

Recent Articles

Real Challenges, Real Solutions - Ransomware Data Disaster: Operational and Financial Impact

In today’s digital age, IT security is not just a luxury but a necessity for businesses of all sizes. With increasing online threats, from sophisticated cyber-attacks to data breaches, the importance of robust IT security has never been more critical. This series aims to highlight the key challenges faced by businesses in maintaining IT security, […]

Read More
Real Challenges, Real Solutions - CEO Impersonation Scam: Email Account Breach: Risks and Financial Implications

In today’s digital age, IT security is not just a luxury but a necessity for businesses of all sizes. With increasing online threats, from sophisticated cyber-attacks to data breaches, the importance of robust IT security has never been more critical. This series aims to highlight the key challenges faced by businesses in maintaining IT security, […]

Read More
Real Challenges, Real Solutions - CEO Impersonation Scam: Network Vulnerability: Facing a Sophisticated Cyber Attack

In today’s digital age, IT security is not just a luxury but a necessity for businesses of all sizes. With increasing online threats, from sophisticated cyber-attacks to data breaches, the importance of robust IT security has never been more critical. This series aims to highlight the key challenges faced by businesses in maintaining IT security, […]

Read More

IT3000 Limited

At IT3000 we are an ISO 9001 and ISO 27001 accredited Midlands and South West based IT support/ managed services provider who specialise in providing IT support and services to organisations nationwide. Our extensive help desk team, as well as offices in Leicestershire and Dorset allow us to work with a wide variety of companies across the UK.
Join Our Mailing List
Copyright © 2023 IT3000 Limited
IT3000 Limited, The Barn, Bridge Farm, Holt Lane, Ashby Magna, Lutterworth, Leicestershire, LE17 5NJ
envelopephone-handsetsmartphone
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram