January 21, 2020

Microsoft Issues Security Update to Fix "Curveball" Vulnerability | TWiT Bits

Listen Later

16 minutes

"CurveBall" is a spoofing vulnerability in the way the certificates are accepted without proper verification of the explicit curve parameters within the certificates. Essentially, this flaw allows an attacker to supply his own generated X.509 certificates by using an "explicit parameters" option to set those curve parameters.

Subscribe & watch the full Podcast:

https://twit.tv/sn/750

Hosts: Leo Laporte and Steve Gibson

You can find more about TWiT and subscribe to our full shows at https://twit.tv/shows/

...more

View all episodes

View all episodes

Download on the App Store

Download on the App Store

Get it on Google Play

Tech Break (Video)

By TWiT

4.7

2323 ratings

January 21, 2020

Microsoft Issues Security Update to Fix "Curveball" Vulnerability | TWiT Bits

Listen Later

16 minutes

"CurveBall" is a spoofing vulnerability in the way the certificates are accepted without proper verification of the explicit curve parameters within the certificates. Essentially, this flaw allows an attacker to supply his own generated X.509 certificates by using an "explicit parameters" option to set those curve parameters.

Subscribe & watch the full Podcast:

https://twit.tv/sn/750

Hosts: Leo Laporte and Steve Gibson

You can find more about TWiT and subscribe to our full shows at https://twit.tv/shows/

...more