Critical Schannel Vulnerability Effecting All Versions Of Windows

Please be advised of a recently discovered vulnerability in SCHANNEL affecting ALL VERSIONS OF WINDOWS!

Description

The vulnerability can be used by an attacker for drive-by attacks to run code remotely and take over the user’s machine.  In these drive-by attacks, hackers install code on web sites which attempts to covertly install malicious code on the unprotected computers of visitors to the site. Users are typically led to these sites via phishing emails and other scams.

Further information regarding the details of the vulnerability:

http://www.theregister.co.uk/2014/11/12/driveby_unicorn_0day_beats_emet_affects_all_windows_versions/

Solution

A patch, MS14-066, released yesterday as part of Microsoft’s
Patch Tuesday remediates this issue for all supported versions of Windows. Please note, THIS DOES NOT INCLUDE WINDOWS XP! This security update is rated Critical for all supported releases of Microsoft Windows. If you have automatic updates turned on, you will get this new update without having to do anything.  If you haven’t turned on automatic updates, you should do so now.  Click the “Check for Updates” button on the Windows Update portion of your Control Panel.

The patch can be manually downloaded here:

https://technet.microsoft.com/library/security/MS14-066

Comments are closed.