CurveBall

From HandWiki
Short description: Web browser security vulnerability on Microsoft Windows 10

CurveBall (CVE-2020-0601) is a web browser security vulnerability and spoofing attack discovered and released by the NSA in 2020. The exploit targets Microsoft CryptoAPI, the program library that handles cryptographic functions for the Windows 10 operating system.[1][2] The vulnerability affects Microsoft Edge and Google Chrome.[3]

The name CurveBall was given to the attack by Tal Be'ery, a security researcher.[4]

References