Microsoft has disclosed a potentially catastrophic vulnerability in virtually all versions of Windows. People operating Windows systems, particularly those who run websites, should immediately install a Microsoft Windows patch released Tuesday morning.

The vulnerability resides in the Microsoft secure channel (schannel) security component that implements the secure sockets layer and transport layer security (TLS) protocols, according to a Microsoft advisory. A failure to properly filter specially formed packets makes it possible for attackers to execute attack code of their choosing by sending malicious traffic to a Windows-based server. MS14-066 (CVE-2014-6321) is a TLS heap overflow vulnerability in Microsoft’s schannel.dll, which can result in denial of service and even remote code execution on windows systems

While the advisory makes reference to vulnerabilities targeting Windows servers, the vulnerability is rated critical for client and server versions of Windows alike, an indication the remote-code bug may threaten Windows desktops and laptop users as well.

There are no mitigating factors and no workarounds for the bug. A separate exploitation index assessed real-world attacks as “likely” for both newer and older Windows releases. MS14-066 was one of 16 updates Microsoft scheduled for this month’s Microsoft Windows Patch Tuesday batch. They include a fix for a zero-day vulnerability already under attack in highly targeted espionage attacks.

Just a show of how quick hackers can exploit bug like this, it took less than 12 hours after the disclosure of the catastrophic Heartbleed bug for it to be turned against Yahoo and other sites. Anyone who uses a Windows computer—especially if it runs a Web or e-mail server—should ensure the Microsoft patch update for this vulnerability is installed immediately.

A quick note to our clients, we have taken the precaution and already started patching and checking your machines for missing patches. For the rest, please do check you have the Microsoft Security Patch 2992611 install on your machines.

 

At Blazon Technologies, we specialized in protecting our clients’ network and data, ensuring they can keep running their business even if disaster strikes them. To find out how we can help you with your security and protection, contact us for more information.