Microsoft has disclosed a significant vulnerability in virtually all versions of Windows that requires your immediate attention.
Here’s the nerdy explanation of what this vulnerability is: The vulnerability is in the Microsoft secure channel (schannel) security component that implements the secure sockets layer and transport layer security (TLS) protocols. Now according to a Microsoft advisory, a failure to properly filter specially formed packets makes it possible for attackers to execute attack code of their choosing by sending malicious traffic to a Windows-based server.
Here’s the explanation in plain English: If you don’t install the patches referenced in Microsoft advisory, some evil doer on the Internet can remotely send commands to your Windows based systems and cause all sorts of havoc.
Seeing as vulnerabilities in Microsoft products are usually exploited within 24 hours of patch Tuesday (which was yesterday), you need to make sure that you immediately use Windows Update to patch your systems. The people who should be most concerned are those who run Microsoft servers that are exposed to the Internet. But I am certain that some evil doer will find some way to exploit this on computers that aren’t exposed to the Internet. Thus it makes patching every Windows PC that you have a must do item today.
Like this:
Like Loading...
Related
This entry was posted on November 12, 2014 at 11:08 am and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Significant Vulnerability Affecting All Versions Of Windows Exposed
Microsoft has disclosed a significant vulnerability in virtually all versions of Windows that requires your immediate attention.
Here’s the nerdy explanation of what this vulnerability is: The vulnerability is in the Microsoft secure channel (schannel) security component that implements the secure sockets layer and transport layer security (TLS) protocols. Now according to a Microsoft advisory, a failure to properly filter specially formed packets makes it possible for attackers to execute attack code of their choosing by sending malicious traffic to a Windows-based server.
Here’s the explanation in plain English: If you don’t install the patches referenced in Microsoft advisory, some evil doer on the Internet can remotely send commands to your Windows based systems and cause all sorts of havoc.
Seeing as vulnerabilities in Microsoft products are usually exploited within 24 hours of patch Tuesday (which was yesterday), you need to make sure that you immediately use Windows Update to patch your systems. The people who should be most concerned are those who run Microsoft servers that are exposed to the Internet. But I am certain that some evil doer will find some way to exploit this on computers that aren’t exposed to the Internet. Thus it makes patching every Windows PC that you have a must do item today.
Share this:
Like this:
Related
This entry was posted on November 12, 2014 at 11:08 am and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.