Proof of concept exploit code has been released by Akamai researchers for a critical Windows CryptoAPI vulnerability discovered by the NSA and U.K.'s NCSC allowing MD5-collision certificate spoofing.

The new Windows CryptoAPI CVE-2020-0601 vulnerability disclosed by the NSA can be abused by malware developers to sign their executables so that they appear to be from legitimate companies. This ...

Researchers have developed a proof-of-concept (PoC) exploit for a public x.509 certificate-spoofing vulnerability in the Windows CryptoAPI that the NSA and the National Cyber Security Center (NCSC) ...

WTF?! Akamai has unveiled a new security threat to Windows-based servers and data center machines based on a dangerous bug Microsoft fixed months ago. However, it seems almost no one bothered to ...

I'm trying to implement decryption of data in a .Net app that was encrypted via Win32 CryptoAPI (wincrypt). A lot of it has been hit or miss for me, since I'm a native C/C++ dev that gets to play with ...

In 2022, the National Security Agency, in conjunction with the U.K’s National Cyber Security Centre, reported a critical vulnerability in the Windows CryptoAPI to Microsoft. While this was patched in ...

A bug in the Windows CryptoAPI is still unpatched on most data centre systems. Security researchers from Akamai said that the bug was discovered and fixed by Microsoft in August 2022, but 99 percent ...

Microsoft Windows users have got used to the monthly "Patch Tuesday" update cycle and the disclosure of fixed vulnerabilities impacting the operating system it brings with it. Because of the ...

I don't believe you can do so directly, but it's not hard to wrap the API calls with a COM object.