[Discuss] OT: Microsoft Secure Channel (Schannel) Vulnerability

Bill Ricker bill.n1vux at gmail.com
Sat Nov 15 00:45:11 EST 2014


This was discussed pretty much all week on SANS Internet Storm Center
"Daily Stormcast" podcast.

Handler Diaries -

https://isc.sans.edu/diary/How+bad+is+the+SCHANNEL+vulnerability+%28CVE-2014-6321%29+patched+in+MS14-066%3F/18947
&
https://isc.sans.edu/diary/SChannel+Update+and+Experimental+Vulnerability+Scanner+%28MS14-066%29/18953


Especially if running Net-visible Windows servers -- e.g. ASPX Windows
servers -- this *is* urgent. 2nd priority, laptops.
Unclear which services a non-server might be vulnerable with to
intRAnet attack, so patch them too.

/b

On Sat, Nov 15, 2014 at 12:32 AM, Stephen Ronan <sronan at panix.com> wrote:
>
> November 14:
> "This flaw allows a remote attacker to execute arbitrary code and
> fully compromise vulnerable systems"
> https://www.us-cert.gov/ncas/alerts/TA14-318A
>
> This is what my ISP has to say about it.
>
> =========================================
> "Extremely serious Windows security vulnerability (alexis) Fri Nov 14
> 19:07:51 2014
>
>    We don't usually post warnings about security issues in Windows, but this
> one is so severely dangerous that it deserves a special mention, because it
> applies to every Windows version since 2000, and it does not require any
> user behavior - you just have to be on the Internet. If you have Windows
> machines, either clients or servers, we advise you to *urgently* drop
> whatever you're doing and get them patched. Don't wait for your next
> maintenance window (if you have a schedule).
>
>    The US CERT advisory for this vulnerability is:
>       https://www.us-cert.gov/ncas/alerts/TA14-318A
>    The last two references listed provide some good insight on this.
>
>    If you thought "heartbleed" and "shellshock" were bad... this is worse.
>    Much much worse."
>
> =================================================



-- 
Bill Ricker
bill.n1vux at gmail.com
https://www.linkedin.com/in/n1vux
