Publication Citation: None (see link)
Researcher Names: None
Link: https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF
NSA discovered a bug in the verification of signatures in Windows which breaks the certificate trust chain. This is the first time a crypto bug had real world impact, and NSA disclosed it through the vulnerability equities process (VEP).