But CryptoAPI can also bring potentially critical security flaws to the aforementioned Windows platform, making identity and certificate spoofing easier.

Proof-of-concept exploit code is now available for the Windows CryptoAPI spoofing vulnerability tracked as CVE-2020-0601 and reported by the National Security Agency (NSA), just two days after ...

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This ...

The CryptoAPI allows developers to secure their Windows apps cryptographically, but a bug in the API allows malicious actors to sign certificates in a way that tricks Windows into believing they ...