Please login to post or view tickets

 
RSS Feed
News
Nov
14

A critical vulnerability in Microsoft Windows systems could allow a remote attacker to execute arbitrary code via specially crafted network traffic.

Exploit Details:

Microsoft Secure Channel (Schannel) is a security package that provides SSL and TLS on Microsoft Windows platforms.  Due to a flaw in Schannel, a remote attacker could execute arbitrary code on both client and server applications.   It may be possible for exploitation to occur without authentication and via unsolicited network traffic. According to Microsoft MS14-066, there are no known mitigations or workarounds. Microsoft patches are typically reverse-engineered and exploits developed in a matter of days or weeks.  An anonymous Pastebin user has threatened to publish an exploit on Friday, November 14, 2014.   This flaw allows a remote attacker to execute arbitrary code and fully compromise vulnerable systems.

We strongly urge all subscribers to update their Windows OS as soon as possible.  This includes all Windows PC's not hosted by CNS.   Please contact CNS support if you would like these updates to be installed by CNS technicians.

Keeping your VM up to date:

Your VM will alert you when updates are available.  In Windows 2003 OS's, a yellow shield will appear in the system trey at the bottom/right.  In Windows 2008 systems, a blue server with a gold arrow circling it will appear.   To begin the install process, double click on the update icon and follow the prompts.   Be sure to confirm the reboot after updates are installed.  We recommend that you double check there are no more windows updates to install after completion.

Keeping your VM up to date is the best way to keep it safe from exploits.

More information:

National Vulnerability Database

Microsoft

Getting Help

Thank you for choosing Commercial Network Services. Please let us know if you have any questions or concerns. We are always here to help you. We maintain a ticketing system in order to effectively address and track your support issues. Please login to your Client Area and click "Help Desk" near the top, then click "Submit a Ticket" to send a new support request to our technicians.


Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
© 2016 Commercial Network Services. All rights reserved.
No content may be reproduced or redistributed without express written permission on CNS letterhead.
Only Commercial Network Services subscribers are authorized to use our content during their subscription period.
Permission to use our content may be revoked at any time, and at the sole discretion of Commercial Network Services.
Some content on this site is © by their respective owners.