Follow

Microsoft Schannel Remote Code execution Vulnerability CVE-2014-6321

Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted packets, aka "Microsoft Schannel Remote Code Execution Vulnerability."

Microsoft released a patch on the 11th November which patches a vulnerability in SChannel. SChannel is Microsoft a code library that is used to create encrypted connections. This vulnerability is rated critical but not yet seen in the wild. Once the vulnerability is reversed engineered from the patch attacks will commence. The reverse engineering has been made more difficult as there have been other significant changes to the schannel library which have been pushed out as part of the patch. For example new ciphers suites have been made available.  

At present we are working on creating a Shield for our RedShield customers but in the meantime the advice is to apply the patches released on Tuesday 11th November. This vulnerability may affect clients (Internet Explorer, Safari on Windows etc ) as well as all Windows servers.

A Microsoft Technet article is here:

https://technet.microsoft.com/library/security/ms14-066 

Updates will be made as information becomes available.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments