Last Day to Save $300 on Cyber Security Training at SANS Seattle Spring 2020! 7 Courses Available.

Webcasts

View Webcast Archive

Microsoft Patch Tuesday crypt32.dll Vulnerability Overview

  • Wednesday, January 15th, 2020 at 12:00 PM EST (17:00:00 UTC)
  • Jake Williams and Johannes Ullrich

Overview

As part of today's "Patch Tuesday", Microsoft addressed a critical flaw in the Windows 10 and Windows Server 2016 version of crypt32.dll. Crypt32.dll implements the Windows CryptoAPI, which provides various cryptographic features used by software to verify digital signatures. This flaw was originally discovered by the NSA, but has not been used in attacks yet.

In this webcast, you will learn more about the nature of the vulnerability, how it could be exploited, and current recommendations to implement the patches as efficiently as possible.

Speaker Bios

Jake Williams

Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.


Johannes Ullrich

Johannes Ullrich, dean of research at the SANS Technology Institute, is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. His research interests include IPv6, network traffic analysis and secure software development. In 2004, Network World named Johannes one of the 50 most powerful people in the networking industry, and SC Magazine named him one of the top five influential IT security thinkers for 2005. Prior to working for SANS, Johannes served as a lead support engineer for a web development company and as a research physicist.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.