Update 1.16.2020 – New name coined “CurveBall” for the Crypt32.dll vulnerability.
Update 1.15.2020 – It appears that only Windows 10 and Windows Server 2016/2019 are affected. However, there is another RDS bug that is equally bad that affects older Windows Server operating systems as well as Remote Desktop clients, covered in the security rollup for this month.
With the late breaking news of the Crypt32.dll. This is an extremely important one to be paying attention to. As we covered just today, the vulnerability will affect all Windows Server and client operating systems as well as of course your Hyper-V hosts. As the damage path for this vulnerability will certainly be wide-sweeping, you want to do your due diligence to get your hosts and all other machines patched for this one. Let’s take a look at how to Download Crypt32.dll Patch Tuesday Security Rollup from Microsoft.
Download CurveBall Crypt32.dll Patch Tuesday Security Rollup
Let’s get right to the links to download the security rollups for the affected operating systems.
The global link that you can visit to see the aggregated links from Microsoft on the various operating systems.
Description: Security updates to Windows App Platform and Frameworks, Windows Input and Composition, Windows Management, Windows Cryptography, Windows Virtualization, the Microsoft Scripting Engine, and Windows Server.
- CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability
- Aggregated link – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
Windows Server 2019 and Server 2019 Core
Windows Server 2016
Windows 10 1909 and 1903 x64
Windows 10 1909 and 1903 x32
Windows 8.1 x32
Windows 8.1 x64
Windows Server 2008 R2
|Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1||4534310||Monthly Rollup||CVE-2020-0607|
|01/14/2020||Windows Server 2008 R2 for x64-based Systems Service Pack 1||4534310||Monthly Rollup||CVE-2020-0607|
|01/14/2020||Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)||4534310||Monthly Rollup||CVE-2020-0607|
Windows Server 2012 and R2
|Windows Server 2012||4534283||Monthly Rollup||CVE-2020-0607|
|01/14/2020||Windows Server 2012 (Server Core installation)||4534283||Monthly Rollup||CVE-2020-0607|
|01/14/2020||Windows Server 2012 R2||4534297||Monthly Rollup||CVE-2020-0607|
|01/14/2020||Windows Server 2012 R2 (Server Core installation)||4534297||Monthly Rollup||CVE-2020-0607|
Microsoft lists the following as potential issues on the description page for the Windows Server 2019 patch. The one that caught my eye was the CSV volume rename. However, I am not sure what if any interaction this will have with Hyper-V or other solutions making use of Cluster Shared Volumes.
It also illustrates the point of testing out these updates properly and doing regression testing to know how the patch may interact with applications, custom code, etc.
|Certain operations, such as rename, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.||Do one of the following:Perform the operation from a process that has administrator privilege.Perform the operation from a node that doesn’t have CSV ownership.Microsoft is working on a resolution and will provide an update in an upcoming release.|
|After installing KB4493509, devices with some Asian language packs installed may receive the error, “0x800f0982 – PSFX_E_MATCHING_COMPONENT_NOT_FOUND.”||Uninstall and reinstall any recently added language packs. For instructions, see Manage the input and display language settings in Windows 10.Select Check for Updates and install the April 2019 Cumulative Update. For instructions, see Update Windows 10.Note If reinstalling the language pack does not mitigate the issue, reset your PC as follows:Go to the Settings app > Recovery.Select Get Started under the Reset this PC recovery option.Select Keep my Files.Microsoft is working on a resolution and will provide an update in an upcoming release.|
|When setting up a new Windows device during the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.Note This issue does not affect using a Microsoft Account during OOBE.||To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.Microsoft is working on a resolution and will provide an update in an upcoming release.|
Be sure to fully check out the links above. The Crypt32.dll vulnerability is certainly big news for any running Windows Server or client operating systems which is basically everyone.
More as we know more….stay tuned.