hoopsdavis gave kudos to itman in CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability
The patch was included in the Jan. cumulative update for Win 10 release last Tues..
For Win Server 2016 and 2019 which are also vulnerable, one will have to check with Microsoft on how the patch is being delivered or download the patch from the Win Catalog web site.
hoopsdavis gave kudos to Marcos in CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability
Microsoft has already released a hotfix for the vulnerability: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601