Tls Security
The latest Tls Security coverage — news, analysis, and updates from the WindowsNews.AI desk.
Microsoft Aims for 2029 Quantum-Safe Deadline as SAP Rolls Out Hybrid PQC
Microsoft has set an internal 2029 target to transition all its cloud services and products to quantum-resistant cryptography, accelerating what it dubs the Quantum Safe Program. The move, disclosed...
Microsoft patches CVE-2026-42013 GnuTLS bug allowing TLS certificate validation bypass via oversized SAN fields
A newly disclosed vulnerability tracked as CVE-2026-42013 has set off alarm bells in the Windows ecosystem, not because it originates in Microsoft’s own code, but because several Microsoft products...
Microsoft Sounds Alarm Over GnuTLS CVE-2026-42012: A TLS Bypass Hitting Windows Where It Hurts
Microsoft’s security team has published a detailed advisory for CVE-2026-42012, a critical vulnerability in the GnuTLS library that can allow attackers to bypass TLS certificate validation...
Mbed TLS bug in versions before 2.23.0 lets malformed certs bypass verification.
The discovery of CVE-2020-36478 in Mbed TLS revealed a subtle but significant vulnerability in certificate validation that could allow malformed certificates to be incorrectly accepted as valid. This...
Go 1.18 macOS TLS Panic Vulnerability CVE-2022-27536: Critical Security Alert
A critical security vulnerability in the Go programming language's standard library has been identified, affecting macOS users who rely on TLS connections for secure communications. Designated as...
Certifi Drops e-Tugra Root Certificates: CVE-2023-37920 Impact on Windows & Python Security
The recent removal of e-Tugra root certificates from the widely-used Certifi trust store, tracked as CVE-2023-37920, represents a significant security event with far-reaching implications for Windows...
A Single TLS Handshake Can Send Rustls Servers into an Infinite Spin—Here’s the Fix
A freshly disclosed flaw in the Rustls TLS library lets any remote attacker lock up a server with nothing more than a well-timed “close” message during the handshake, consuming CPU resources...