This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- FlexNet Publisher
- :
- FlexNet Publisher Forum
- :
- CVE-2020-0601 - Windows CryptoAPI Spoofing Vulnerability
Subscribe
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Jan 24, 2020
05:24 AM
CVE-2020-0601 - Windows CryptoAPI Spoofing Vulnerability
Hi all,
The NSA and Microsoft recently flagged a vulnerability:
CVE-2020-0601 - Windows CryptoAPI Spoofing Vulnerability
The details are posted on the MIST NVD (National Vulnerability Database):
https://nvd.nist.gov/vuln/detail/CVE-2020-0601
It states:
“A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates”
Does this affect the Flexera FlexNet Publisher Product that we are using to handle our product licencing?
We currently have verson 11.12.0.0
Thanks for your assistance.
(1) Reply
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Jan 29, 2020
11:43 PM
Yes, it is save to assume that any tool, including FNP, will be affected and so it is strongly recommended that you install the Microsoft update to Windows that mitigates this vulnerability.