Today, for its February 2021 Patch Tuesday, Microsoft released an important security update for certificates in Windows and Windows Server. This vulnerability is known as CVE-2021-1731 and rated with CVSSv3.0 scores of 5.5/4.8.
When glancing over the vulnerability, it might not be a particularly important vulnerability, but its implications are wide and deep; This PFX encryption security feature bypass vulnerability might require you to reissue or request your certificates with new private keys, because the keys may not be properly secured in transit.
When you have a certificate with a private key, you can export the certificate with the private key into a *.pfx file. When exporting the certificate, you need to decide between providing a Password or providing a Group or usernames (recommended) for access to the certificate:
You cannot export the certificate with the private key without providing one or both security measures.
Now, when you use the Group or usernames (recommended) option, keys encrypted using AES are not properly protected.
There are two things to notice:
- The Group or usernames (recommended) option is labeled as the recommended method to secure a *.pfx file.
- By default, the TripleDES-SHA1 method is used to encrypt the contents of the *.pfx file. The AES256-SHA256 encryption option is not the default option, but should be the preferred option, as 3DES and SHA1 are deprecated encryption protocols and should not be used for production purposes.
Affected Operating Systems
The following Operating Systems (OSs) are affected:
- Windows 10, version 1803
- Windows 10, version 1809
- Windows 10, version 2004
- Windows 10, version 20H2
- Windows Server 2019
- Windows Server, version 1909
- Windows Server, version 2004
The above list suggests that the vulnerability was introduced recently and does not affect other supported Operating Systems, like Windows Server 2012 and Windows Server 2016.
Recommendation
If your organization stores recent certificates to disk, in e-mail or in other intra-organization communication exchanges that are secured with the Group or usernames (recommended) option and use AES256-SHA256 as encryption method, these certificates should be imported on a Windows or Windows Server installation with the February 2021 update installed and then exported.
The Group or usernames (recommended) option is not suitable for exchanging certificates to third parties. In these scenarios, the Password option is probably used. Certificates shared and stored this way are not susceptible to the vulnerability. They are, however, susceptible to brute-forcing…
Certificates that use the TripleDES-SHA1 method for key encryption are also not susceptible to the vulnerability. They are, however, susceptible to collision attacks…
Just a note – a "secure" password is meant to be stored on Group-protected PFXs as well as a fallback.