No, you don’t need to install the latest Win7 patches right away.
Yeah this is definitely bullshit. The latest patch includes one for the crypt32 module that fixes a certificate chain spoofing hole. Basically allowing anyone to make up a fake certificate and assure your computer that they are anyone they claim to be.
[–] glassuser 1 point 1 point 2 points (+2|-1) ago
Yeah this is definitely bullshit. The latest patch includes one for the crypt32 module that fixes a certificate chain spoofing hole. Basically allowing anyone to make up a fake certificate and assure your computer that they are anyone they claim to be.
[–] stacylgage ago (edited ago)
Ahhh... for 7? No. Not susceptible.
https://www.computerworld.com/article/3514599/worried-about-an-nsa-chainoffools-curveball-attack-there-are-lots-of-moving-parts-test-your-system.html
Theres even a test page: https://curveballtest.com/index.html
Edit: Also, 3 more years if you want to pay for it: https://0patch.zendesk.com/hc/en-us/articles/360009437380-How-long-do-you-plan-to-provide-Windows-7-and-Windows-Server-2008-Micropatches-