Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] OT: Microsoft Secure Channel (Schannel) Vulnerability

November 14:
"This flaw allows a remote attacker to execute arbitrary code and
fully compromise vulnerable systems"
https://www.us-cert.gov/ncas/alerts/TA14-318A

This is what my ISP has to say about it.

=========================================
"Extremely serious Windows security vulnerability (alexis) Fri 
Nov 14 19:07:51 2014

    We don't usually post warnings about security issues in Windows, but this 
one is so severely dangerous that it deserves a special mention, because it 
applies to every Windows version since 2000, and it does not require any user 
behavior - you just have to be on the Internet. If you have Windows machines, 
either clients or servers, we advise you to *urgently* drop whatever you're 
doing and get them patched. Don't wait for your next maintenance window (if you 
have a schedule).

    The US CERT advisory for this vulnerability is:
       https://www.us-cert.gov/ncas/alerts/TA14-318A
    The last two references listed provide some good insight on this.

    If you thought "heartbleed" and "shellshock" were bad... this is worse.
    Much much worse."

=================================================
BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix / webmaster@blu.org