Microsoft releases patch for huge Windows vulnerability

Microsoft has issued a ‘critical patch’ for a potentially seriously vulnerability affecting multiple versions of Windows.

According to Microsoft, the so-called ‘Schannel Remote Code Execution Vulnerability’ could allow an attacker to remotely run any piece of code they wished on a user’s machine.

The issue is quite far ranging as the patch has been issued for users with machines running Windows Server 2003/2008/2012, Vista, 7, 8, 8.1 and Windows RT.

The company says server and workstation machines running an affected version of Schannel – which deals with encryption and authentication within Windows – are most at risk from the issue.

The good news right now is that Microsoft claims it is not aware of anyone taking advantage of the vulnerability.

Microsoft says there is no workaround or ways to prevent the attack. The only way for the security hole to be plugged is to download the patch from Windows Update at the earliest possible opportunity.

Explaining the problem, Microsoft wrote: “A remote code execution vulnerability exists in the Secure Channel (Schannel) security package due to the improper processing of specially crafted packets. Microsoft received information about this vulnerability through coordinated vulnerability disclosure.

“When this security bulletin was issued, Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers. The update addresses the vulnerability by correcting how Schannel sanitizes specially crafted packets.

Users can open the Windows Update portion of their operating system now in order to safeguard their servers.

The issue invokes memories of the Heartbleed OpeSLL vulnerability which forced internet users into changing their online passwords en masse earlier this year.

Read more: Windows 10 Technical Preview: First Impressions

Via:
The Next Web

More from TrustedReviews

LG Q8 finally brings the V20’s promise to Europe

Atari is now in the speaker business… and the hat business

Thinner Moto Z2 Force could come with a huge trade-off

HyperLoop One

Elon Musk’s Hyperloop gathering pace as NY-DC link gets ‘OK’

N64oid

Is this proof an N64 Classic will follow the SNES?

Agents of Mayhem preview

cats 17

Why you’ll want to download this OnePlus 5 update today

Golf rory

British Open Golf Live Stream: How to watch online for free

Call of Duty: Infinite Warfare for Xbox One down to under £9

Samsung Gear S3 finally gets Samsung Pay support in UK

Welcome to the all new Trusted Reviews

Netgear Arlo

Netgear Arlo Pro

Cat Amazon

Are you kitten me? Pet translation devices tipped for future smart homes

fire emblem warriors

Fire Emblem Warriors

pokken

Pokkén Tournament DX

TP-Link Smart Wi-Fi LED Bulb 5

TP-Link Smart Wi-Fi LED Bulb

Samsung Pay

Samsung Pay now lets you use your PayPal funds at the checkout

assassins creed origins

Ubisoft teases new games for Nintendo Switch, coming ‘quite soon’

amazon echo

Ask Vodafone: Mobile network’s first Amazon Alexa voice skill is revealed

Google Feed

The Google app’s new personalised feed might just drag you off Facebook

z2play 9

Moto Z2 Play

Mira Prism

For just $99 you can bring AR to the iPhone 7

Samsung Galaxy S8

Samsung Galaxy S9 displays may be the same, save one major new feature

movie theatre

The Netflix Effect: ‘Binge-watching’ is coming to movie theatres

Porsche MIssion E

Porsche’s latest electric car chargers put Tesla to shame

EE logo

EE’s new 20GB SIM-free deal is the best value tariff you’ll see all summer

Int-Ball

These are the first images from the ISS – as captured by a zero-gravity drone

iMac 21.5-inch 4K (2017)

LG V30 case

LG V30 design ‘confirmed’ ahead of IFA 2017 launch

iPhone 7 vs iPhone SE

Waiting for the iPhone SE 2? Sadly, it could be a one-and-done

Google Glass Enterprise

Google Glass 2 has arrived, sort of

Denon AH-C621R

Denon AH-C621R

BBC Proms

Get ready to listen to the BBC Proms like never before

Fender Newport Monterey Bluetooth speakers

Fender’s new Bluetooth speakers look just like tiny guitar amps

Garmin Vivosmart 3

Garmin Vivosmart 3

airplane

Is the laptop travel ban dead? Electronics restrictions lifted by TSA but UK fails to follow suit

KitSound Immerse

KitSound Immerse Wireless Headphones

Emojis

It’s World Emoji Day and Apple is showing off all of its newcomers

Porn Block

Privacy fears as UK plans age verification for porn sites

WhatsApp

New WhatsApp feature could give Apple’s iMessage a run for its money