Y
Hacker News
new
|
ask
|
show
|
jobs
by
heartbreak
2346 days ago
That this exploit can be used to spoof the Windows Update system is a big yikes. You can’t necessarily trust today’s update itself.
1 comments
munchbunny
2346 days ago
That depends on whether Windows Update is using ECC certificates. A quick scan of my Windows 10 trusted root certificate store shows almost exclusively RSA based certificates, so I’d guess 80% odds that Windows Update itself isn’t affected.
link
shakna
2346 days ago
It may still be affected, the system may accept a bad ECC cert and override the RSA cert.
link