CVE 2013 3900 Republished Vulnerability

Has anyone built out a Fixlet/task to protect endpoints against CVE 2013 3900? It looks like it has been republished: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900

Thanks,
Paul

Hi Paul,
The patch team is working on a Vulnerability Fixlet to update the setting as mentioned in CVE-2013-3900, which otherwise will have to be done manually.
It’s going to be an optional Fixlet; admins can choose to run it based on their criteria.

We are planning to release the content by Monday EOD.

Thanks
Alessandro


// Set EnableCertPaddingCheck for CVE-2013-3900.
// regset/regset64 write the value directly, so no .reg file or regedit call is needed.
if {x64 of operating system}
// 64-bit OS: set the value in the native key and in the Wow6432Node key
regset64 "[HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config]" "EnableCertPaddingCheck"="1"
regset64 "[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Cryptography\Wintrust\Config]" "EnableCertPaddingCheck"="1"
else
// 32-bit OS: only the native key exists
regset "[HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Wintrust\Config]" "EnableCertPaddingCheck"="1"
endif

action requires restart
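
To confirm the result on an endpoint after the action has run, a read-only check of the registry locations named in the action above (an added example, not part of the original post or of the BigFix content; the function name `Get-CertPaddingCheckState` is illustrative, and it assumes PowerShell 3.0 or later with .NET 4):

```powershell
# Added example: audit EnableCertPaddingCheck in each registry view.
# Key path and value name come from the thread; everything else is illustrative.
function Get-CertPaddingCheckState {
    $subKey = 'Software\Microsoft\Cryptography\Wintrust\Config'
    $name   = 'EnableCertPaddingCheck'

    # A 64-bit OS has a native view and a 32-bit (Wow6432Node) view of this key.
    $views = @([Microsoft.Win32.RegistryView]::Registry32)
    if ([Environment]::Is64BitOperatingSystem) {
        $views = @([Microsoft.Win32.RegistryView]::Registry64,
                   [Microsoft.Win32.RegistryView]::Registry32)
    }

    foreach ($view in $views) {
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
            [Microsoft.Win32.RegistryHive]::LocalMachine, $view)
        try {
            $key   = $base.OpenSubKey($subKey)   # $null when the key is absent
            $value = $null
            $kind  = $null
            if ($key) {
                $value = $key.GetValue($name, $null)
                if ($null -ne $value) { $kind = $key.GetValueKind($name) }
                $key.Dispose()
            }
            # Comparing as text accepts both a string "1" and a DWORD 1.
            [pscustomobject]@{
                View    = $view
                Value   = $value
                Kind    = $kind
                Enabled = ($null -ne $value -and "$value" -eq '1')
            }
        }
        finally { $base.Dispose() }
    }
}

$state = Get-CertPaddingCheckState
$state | Format-Table -AutoSize

# When saved and run as a script: non-zero exit code if any view lacks the setting.
if (@($state.Enabled) -contains $false) { exit 1 } else { exit 0 }
```

A row with `Enabled` false on a 64-bit machine usually means only one of the two keys was written, which is the case the separate `regset64` lines are meant to cover.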

@ADL, Thank you and your team for this.

Content in the Patches for Windows site has been modified

New:

  • Major (ID:201339001) Enable hardening changes for WinVerifyTrust Signature Validation Vulnerability (CVE-2013-3900)
  • Major (ID:201339002) Disable hardening changes for WinVerifyTrust Signature Validation Vulnerability (CVE-2013-3900)

Reason for Update:

  • New fixlets for the vulnerability CVE-2013-3900