Google Researcher Details Windows Cryptographic Library BugFlaw Could Cause Denial-of-Service Event in Windows Fleet, Researcher Claims
A Google security researcher has disclosed what he calls an unpatched bug in the main cryptographic library used in newer versions of the Windows operating system that he claims could affect an entire fleet of Windows-based devices.
Tavis Ormandy, a researcher with Google Project Zero, says he first took notice in March of the bug in Microsoft's SymCrypt, an open source project that forms the core cryptographic function library currently included in newer version of Windows, including Windows 8 and Window 10.
The researcher says he gave Microsoft a private, 90-day notice of the unpatched bug, but the company had not fixed the flaw as of Tuesday, June 11, when it published its latest Patch Tuesday notification. Once his deadline for posting a fix passed, Ormandy described his findings in a blog post.
Today is day 91, so the issue is now public. I consider this relatively low severity, but you could take down an entire Windows fleet relatively easily, so it's worth being aware of. https://t.co/KKa7cOMyfw— Tavis Ormandy (@taviso) June 11, 2019
In a statement provided to Information Security Media Group, a Microsoft spokesperson says that the company attempted to address the problem as soon as possible, but there were issuing in testing the fix.
"We worked to meet the researcher's deadline for disclosure. However, a customer-impacting regression was discovered that prevented the update from being released on schedule," the spokesperson tells ISMG. "We advised the researcher of the delay as soon as we were able. Developing a security update is a delicate balance between timeliness and quality, and our ultimate goal is to help ensure maximum customer protection with minimal customer disruption."
While Ormandy admits this is a low-level bug, it's possible that an attacker could take advantage of the flaw to create a zero-day event that "can take down a Windows fleet pretty quickly with it," he writes.
Cryptographic Library Flaw
The problem, Ormandy writes, start within SymCrypt, which is the primary library for implementing symmetric cryptographic algorithms in Windows 8 and newer operating systems. These algorithms create a single, secret key that is used for both encryption and decryption.
The bug essentially creates a never-ending loop within this cryptographic library, Ormandy says.
"There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric," Ormandy writes.
As part of his research, Ormandy constructed a special X.509 certificate - a recognized public key infrastructure standard - that would trigger the bug by not allowing the system to complete the verification process. Because the certificate is embedded in a secure message or protocol, it can bypass security measures.
If one systems triggers the flaw, it can go on to affect an entire fleet of Windows devices, he writes. In addition to a denial-of-service attack, this flaw could also force the Windows devices to reboot, the researcher says. Ormandy notes that this is a particular problem for systems running the Windows Server OS - including IPsec, which creates secure connections; Internet Information Services, which is a web server; and Exchange Server for email.
"Obviously, lots of software that processes untrusted content (like anti-virus) call these routines on untrusted data, and this will cause them to deadlock," Ormany adds.
In his blog, Ormandy writes that he privately reached out to the Microsoft Security Response Center to inform the company of the bug in March and offered a standard 90-day window for the company to make a fix. The deadline for that would have been Tuesday, when Microsoft published its monthly security bulletin.
Microsoft responded that it would need until at least July to address some issues its research team found during the testing process, Ormandy notes. Since it passed 90 days, however, he decided to post his research.