Microsoft New Zero Day FlawHacker attacks are running rampant, and companies are struggling to keep up. Staying a step ahead of the cybercriminal is first and foremost, and Microsoft has done just that.

In its early-November Windows update, Microsoft applied 14 security updates to its Windows products, one of which proved quite critical—to fix a security hole in Schannel. Also know as Secure Channel, Schannel is a security support provider (SSP) that contains a set of security protocols that provide identity authentication and secure, private communication through encryption. It is primarily used for Internet applications that require secure Hypertext Transfer Protocol (HTTP) communications.

In a recent article, Mashable gave details regarding the security update and expresses the urgency of the matter:

Microsoft says that attackers could send “specially crafted” data packets to the Windows server you’re running. By exploiting this vulnerability, they could execute code remotely and deliver something nasty to your computer. On its security bulletin, Microsoft said there are no mitigating factors or workarounds to lessen the blow of these attacks.

There hasn’t been any indication that the vulnerability has been used to attack the general public, according to Microsoft. The patch mends the problem by altering the way Windows processes packets. Microsoft doesn’t provide much more information about the vulnerability.

The patch comes over on Windows Update, so it’s best for Windows users to run the scheduled update as they get a chance.

For more information regarding the Schannel vulnerability, read the full Mashable article and consult Microsoft’s web page.

Microsoft Applies Secure Channel Patch Without Fanfare

Leave a Reply