Experts Comments On Microsoft SymCrypt Vuln Can Bring Down Windows Servers

By   ISBuzz Team
Writer , Information Security Buzz | Jun 13, 2019 01:00 pm PST

A Google researcher has discovered a vulnerabiliy in the SymCrypt cryptographic library of Microsoft’s OS that can trigger a DDoS disruption in Windows 8 servers and above, causing a perpetual operation “when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric.”

Expert Comments: 

Adam Laub, SVP Product Management at STEALTHbits Technologies: 

“This finding demonstrates just how important this type of research is in helping organizations mitigate risks no one ever knew existed. The frightening part about this vulnerability and others that can be remedied with a simple patch, however, is that many organizations will have a very difficult time actually implementing the fix. When I first started in the industry nearly 15 years ago, Patch Management was very much the flavor of the day – much like Privileged Access Management (PAM) and Artificial Intelligence (AI) technologies command significant mindshare among security practitioners now. Sadly, the Patch Management problem persists despite advances in so many other areas of IT Management, which could make this “low severity” vulnerability a lot more pungent than it ought to be.” 

Mounir Hahad, Head at Juniper Threat Labs at Juniper Networks:

“This could spell disaster. You no longer need to mount DDoS amplification attacks to be successful at bringing down an IIS server – all you need is to present a specially crafted client certificate. And given there are more than nine million Microsoft IIS servers still in operation around the world, about half of which are in the U.S. and China, a lot of organizations could potentially fall victim to this attack. It’s a fairly low barrier attack since the Google researcher made a specially crafted sample certificate available for public download.” 



Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x