Critical Windows Schannel Vulnerability – Why You Need the Patch NOW
In early November, Microsoft released a patch meant to repair a critical Windows Schannel vulnerability affecting many of the Windows versions currently in use. Microsoft initially reported no knowledge of anyone actually exploiting this particular vulnerability. However, speculation is rampant that this vulnerability could be at the root of what lead to the recent Home Depot breach and both Immunity and BeyondTrust have since issued proof that their sites were exploited. Regardless of whether or not the Schannel vulnerability truly is the cause of these breaches, Microsoft is indeed referring to the patch as “critical” due to the extent of damage that could be caused if someone did leverage it.
The Details
The basics of this vulnerability is it allows remote code execution, meaning a hacker could modify code packets to attack your machine and potentially be able to execute any kind of malicious code on your server they want, remotely and without an authorized account. The vulnerability is real not only for Windows servers, but individual clients as well. The patch works by correcting the way the Schannel (secure channel) sanitizes special packets.
What You Need to Do Now
Having your system infected could potentially be as easy as visiting a malicious website with the exploitation code running. If you are operating Windows, drop everything and scan this full list of affected software versions to make sure your system is not on it. If you are on the list, download the patch immediately. If you have any questions, contact us and we’ll walk you through it.
It isn’t worth waiting and risking exposure or exploitation when the solution is at your fingertips. Don’t risk remaining vulnerable. If you are operating a system that’s at risk, downloading and installing the patch is simple. If you’re concerned you won’t do it correctly or if you just need some assurance, contact us today.