Spoofing Vulnerability CryptoAPI (CVE-2020-0601)
As written today on Forbes and confirmed by Microsoft, big spoofing vulnerability in the CryptoAPI was found by NSA in Windows 10, Server 2016 and Server 2019.
The CryptoAPI, (crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.
I recommend you to install todays security patch for Windows 10, Server 2016 and Server 2019 (CVE-2020-0601). More information
Microsoft including download links