Addressing the Windows CVE-2020-0601 Vulnerability
Summary: Information and guidance on the Microsoft Windows CVE-2020-0601 vulnerability is provided in this article.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Windows vulnerability CVE-2020-0601
A spoofing vulnerability has been identified in the way that Windows CryptoAPI (Crypt32.dll) validates the Elliptic Curve Cryptography (ECC) certificates.
Microsoft has published the details on the Windows vulnerability on the following article:
Affected Operating Systems:
- Windows 10
- Windows Server 2016
- Windows Server 2019
Cause
Not applicable
Resolution
The security update listed in the Microsoft Advisory addresses the vulnerability by ensuring that the Windows CryptoAPI completely validates the ECC certificates.
- For systems configured to update online, you only must ensure that your Windows Updates are up to date.
- For those with offline systems or who have halted updates, you must download and install the update for your operating system to address this issue.
Affected Products
Security, Microsoft Windows Server 2016, Microsoft Windows Server 2019Article Properties
Article Number: 000150378
Article Type: Solution
Last Modified: 19 Jun 2023
Version: 5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.