📜 Post with us on Reddit
📝 Create a new article
🏭 Create a company page
🇬🇧 - in English
🇫🇷 - en Français (FR)
🇵🇹 - em Português (PT)
🇩🇪 - auf Deutsch (DE)
🇯🇵 - 日本語で (JA)
Sponsored articles

You can edit almost every page by Creating an account and confirming your email.

CurveBall

From EverybodyWiki Bios & Wiki

For the baseball pitch, see Curveball.

CurveBall (CVE-2020-0601) is a web browser security vulnerability and spoofing attack discovered and released by the NSA in 2020. The exploit targets Microsoft CryptoAPI, the program library that handles cryptographic functions for the Windows 10 operating system.[1][2] The vulnerability affects Microsoft Edge and Google Chrome.[3]

The name CurveBall was given to the attack by Tal Be'ery, a security researcher.[4]

References

  1. "Proof-of-concept exploits published for the Microsoft-NSA crypto bug". ZDNet.
  2. "Microsoft, NSA confirm killer Windows 10 bug, but a patch is available".
  3. "Bad Flaw in Windows 10 Also Affects Chrome Browser".
  4. Be'ery, Tal (2020-02-03). "CurveBall's Additional Twist: The Certificate Comparison Bug". ZenGo. Retrieved 2023-01-25.



This article "CurveBall" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:CurveBall. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.


Retrieved from "https://en.everybodywiki.com/index.php?title=CurveBall&oldid=3959486"
License CC BY-SA 3.0
Powered by MediaWiki