Industry Reactions to Crypto Vulnerability Found by NSA: Feedback Friday
2020-01-17 17:14

Several industry professionals have shared thoughts with SecurityWeek about the vulnerability, its impact, and the possible reasons why the NSA disclosed it rather than using it in its own operations.

"While this is a serious vulnerability that should be patched, there's no need to panic. When you look at the vulnerability and the number of affected systems, this does not reach the level of Heartbleed or WannaCry scenarios from the past. Also, our research shows that behavioral analysis of malware still detects malware as malicious, even if it's signed with an ostensibly legitimate certificate."

"This vulnerability was reported by the NSA to Microsoft, which is a good demonstration of the role the NSA, and other security agencies, can play in improving global information security. This reporting is also likely a direct result of the revamped Vulnerability Equities Process at NSA. The goal of the revamped program is to prioritize public interest in reporting security flaws and protecting core systems and infrastructure. Certificate signing is critical to the trust of software applications in both the public and private sectors, so this reporting certainly meets the "critical" threshold."

"While this is clearly a massive vulnerability within Windows systems it is important to place this in the bigger picture. Just because the flaw was discovered by the NSA does not automatically elevate this threat to international levels, or that it presents a bigger risk to business than other threats. It is important to place the vulnerability in context, so that the highest threats are prioritised first."

"This vulnerability is a force multiplier for attackers, who often go to great lengths to get their tools whitelisted in their target environment. The CryptoAPI Spoofing vulnerability gives attackers another option to make their code appear legitimate. There is a silver lining, though: Windows 7, which is now end of life, isn't impacted by this."
News URL

http://feedproxy.google.com/~r/Securityweek/~3/ySATvkb6KwE/industry-reactions-crypto-vulnerability-found-nsa-feedback-friday