关联漏洞
标题:Microsoft Windows CryptoAPI 信任管理问题漏洞 (CVE-2020-0601)Description:Microsoft Windows CryptoAPI是美国微软(Microsoft)公司的一个在Windows 操作系统中添加的密码编译机能。作为资料加密与解密功能的重要基础,CryptoAPI 支持同步,异步的密钥加密处理,以及操作系统中的数字证书 的管理工作。 Microsoft Windows CryptoAPI (Crypt32.dll)中验证椭圆曲线加密(ECC)证书的方法存在信任管理问题漏洞。攻击者可通过使用欺骗性的代码签名证书利用该漏洞签名恶意的可执行文件。以下产品及版本受到影响:Micr
Description
Powershell to patch CVE-2020-0601 . Complete security rollup for Windows 10 1507-1909
介绍
Just use this - https://github.com/aaronparker/LatestUpdate
Updates everything if ENTERPRISE or EDU Win 10. If PRO only 1809 , 1903 & 1909 are patched.
# Windows10_Cumulative_Updates_PowerShell
This powershell script can be ran on a system and will identify if a system is patched for CVE-2020-0601 "Curveball" and if not will then download the appropriate patch and execute. Only works for Windows 10 1507-1909 (If ENterprise or EDU, if PRO only 1809-1909), didn't include for arm based CPUs or embedded versions. Will update for Server 2016 later.
This is a cumualtive update so downloads all security related updates in one rollup.
Alternatives:
There has been a write-up for two other options using Powershell -
https://www.virtualizationhowto.com/2020/01/automate-curveball-crypt32-dll-patching/
GIST to pull CLU's based on version of windows running. Read comments section. May need updating
https://gist.github.com/keithga/1ad0abd1f7ba6e2f8aff63d94ab03048
文件快照
[4.0K] /data/pocs/c565067771c38cacb860dd518a2ebaedb37e2178
├── [1.0K] LICENSE
├── [ 985] README.md
└── [ 34K] Windows 10 Security Rollup Patches CVE-2020-0601
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。