|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-06-29 | |
| Rule Name: | Microsoft Windows PE File Signature Spoofing Vulnerability (CVE-2020-1599) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | CVE-2020-1599 is a vulnerability that can be abused by adding data (that will be later executed) to the signature section of a file, for instance appending a VB script. Microsoft signature chain certification will not detect that the signature was modified and accept the file as legitimately signed, which can be used to avoid security checks. | |
| Impact: | An attacker can masquerade his identity and deceive users to gain an illegitimate advantage. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1599 |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1599 |