SoylentNews

upstart writes:

Submitted via IRC for SoyCow1944

Bad Cert Vulnerability Can Bring Down Any Windows Server

A Google security expert today revealed that an unpatched issue in the main cryptographic library of Microsoft's operating system can cause a denial-of-service (DoS) condition in Windows 8 servers and above.

The problem is in SymCrypt, the primary library for implementing symmetric cryptographic algorithms in Windows 8 and also for asymmetric ones starting with Windows 10 version 1703.

Tavis Ormandy, a vulnerability researcher at Google, noticed that SymCrypt could easily be used to cause a never-ending operation "when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric."

He was able to test the bug with the help of a specially crafted X.509 digital certificate that prevents completing the verification process. Any program on the system that processes the certificate triggers the vulnerability.

Affected systems can receive a malformed certificate in multiple ways since it is used in secure internet protocols (e.g. TLS) or for validating identity in digital signatures.

Thus, it can be delivered in digitally signed and encrypted messages via the S/MIME protocol or through a Secure Channel (schannel) connection that provides authentication between clients and servers.

The researcher considers the bug has low severity but can help an attacker take down a "Windows fleet" in a short period.

Original Submission