Insecure Cryptography
msrcrypto is vulnerable to insecure cryptography. The vulnerability exists as there are issues with the Elliptic Curve Cryptography ECC implementation, allowing invalid ECDSA signatures to be created through the learning of a server's private ECC key...