Microsoft has released a critical update to patch a “privately reported” Microsoft Secure Channel (“Schannel”) vulnerability which affects all current versions of Windows and Windows Server. Says Microsoft, “This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows.”
In an article covering the issue in some depth, Arstechnica explains “People operating Windows systems, particularly those who run websites, should immediately install a patch Microsoft released Tuesday morning.”
Here is the full Microsoft security bulletin, with a link to the bulletin and the patch below:
This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server.
This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software section.
The security update addresses the vulnerability by correcting how Schannel sanitizes specially crafted packets. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability.
According to Microsoft, the issue affects:
Windows 8.1 Enterprise
Windows 8.1 Pro
Windows RT 8.1
Windows Server 2012 Datacenter
Windows Server 2012 Standard
Windows Server 2012 Essentials
Windows Server 2012 Foundation
Windows 8 Enterprise
Windows 8 Pro
Windows 7 Service Pack 1, when used with:
Windows 7 Ultimate
Windows 7 Enterprise
Windows 7 Professional
Windows 7 Home Premium
Windows 7 Home Basic
Windows 7 Starter
|Get notified of new Internet Patrol articles for free!
|Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
Windows Vista Service Pack 2, when used with:
Windows Vista Ultimate
Windows Vista Enterprise
Windows Vista Business
Windows Vista Home Premium
Windows Vista Home Basic
Windows Vista Starter
Windows Server 2012 R2 Datacenter
Windows Server 2012 R2 Standard
Windows Server 2012 R2 Essentials
Windows Server 2012 R2 Foundation
Windows Server 2008 R2 Service Pack 1, when used with:
Windows Server 2008 R2 Datacenter
Windows Server 2008 R2 Enterprise
Windows Server 2008 R2 Standard
Windows Web Server 2008 R2
Windows Server 2008 R2 Foundation
Windows Server 2008 Service Pack 2, when used with:
Windows Server 2008 Datacenter
Windows Server 2008 Enterprise
Windows Server 2008 Standard
Windows Web Server 2008
Windows Server 2008 Foundation
Windows Server 2008 for Itanium-Based Systems
Microsoft Windows Server 2003 Service Pack 2, when used with:
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!