We recently discovered a vulnerability in the DP API key management of Windows containers. This vulnerability was assigned CVE-2021-1645 by Microsoft [1] and allowed attackers to decrypt any data that was encrypted with DP API keys in Windows containers. This vulnerability was discovered in close cooperation with SignPath [2]. Introduction Windows containers is a feature … Continue reading DP API encryption ineffective in Windows containers: Publicly Available Cryptographic Keys (CVE-2021-1645)