An unpatched issue in the main cryptographic library of Microsoft’s operating system can cause a denial-of-service condition in Windows 8 servers and above. The bug is in SymCrypt, the primary library for implementing symmetric cryptographic algorithms in Windows. A specially crafted X.509 digital certificate that prevents completing the verification process triggers the bug. The researcher considers the bug has low severity but can help an attacker take down a “Windows fleet”” in a short period. Microsoft missed the deadline to come up with a fix
Source: security