Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched


Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center (NCSC) and patched by Microsoft last year, according to Akamai’s researchers.

CryptoAPI helps developers secure Windows-based apps using cryptography; the API can be used, for instance, to validate certificates and verify identities.

Read more…
Source: The Register