On November 11, 2014 Microsoft released a patch for nearly all versions of Microsoft Server, along with patch notes that included the reason why the patch was released. In short, it was released to plug a security gap that the company calls Schannel Remote Code Execution Vulnerability.
This cryptically-named vulnerability essentially allows hackers remote code access by sending specific packets of data to a server. Data packets are made up of basic units of data communication combined in order to send data over a network.
Hackers can structure certain data into packets then breach a bug in Microsoft Server software, potentially allowing a hacker full remote access to that server and the ability to execute whatever code they so choose, including giving themselves full access to the systems and data hosted on your server.
This bug is particularly destructive because it affects the Schannel library on servers, which is responsible for encryption and authentication in Windows.
This bug can potentially be found on nearly every version of Windows and Windows Server currently in use by companies, including:
In other words, pretty much any business using Windows and Windows Server is at risk.
While this appears to be a big issue, and in truth it is, Microsoft has noted that they are unaware of anyone actually exploiting this bug as of the writing of this article. The company has also released a patch – MS14-066 that is supposed to fix the problem.
Therefore, the best action you can take is to update all of your systems running Windows. While it primarily affects servers, this could become a widespread issue if systems are not updated.
What we recommend is contacting us as soon as possible. We can help ensure that all of your systems are updated and protected from this bug.
If you would like to learn more about Windows and how you can keep your systems secure, please do call us today on 01302 732190.