Microsoft patched a spoofing vulnerability present in the Windows usermode cryptographic library, CRYPT32.DLL, on Windows 10, Windows Server 2016, and Windows Server 2019 systems. […]

from https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-cryptoapi-spoofing-flaw-reported-by-nsa/