Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerability in SymCrypt could allow an attacker to perform DoS on any Windows server

Vulnerability in SymCrypt could allow an attacker to perform DoS on any Windows server

  • The vulnerability could allow an attacker to perform DoS on any Windows server such as IPsec, Internet Information Services (IIS), and Microsoft Exchange Server.
  • The researcher found out that any program on the system that processes the X.509 digital certificate will trigger the vulnerability causing deadlock.

A vulnerability researcher at Google, Tavis Ormandy, uncovered a vulnerability in the primary cryptographic library of Microsoft’s operating system ‘SymCrypt’. The vulnerability could allow an attacker to perform Denial of Service (Dos) on Windows 8 servers and above.

More details on the vulnerability

Ormandy tested the vulnerability using a specially crafted X.509 digital certificate that prevents completing the verification process and found out that any program on the system that processes the certificate will trigger the vulnerability causing deadlock.

“The vulnerability could cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric,” the researcher said.

The researcher also found out that embedding the certificate in an S/MIME message, authenticode signature, and schannel connection could allow an attacker to perform DoS on any Windows server such as IPsec, Internet Information Services (IIS), and Microsoft Exchange Server, requiring the machine to be rebooted.

Patch still not available

Ormandy notified Microsoft about the issue in March 2019 with a 90-day disclosure deadline. Microsoft acknowledged the issue and promised to come up with the patch within 90 days.

However, the Microsoft Security Response Center (MSRC) informed the researcher that a patch wouldn’t be ready until next month’s release of security updates. This made the researcher release the details of the bug to the public as the 90-day time-frame has lapsed.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket