9 years ago
3
Windows Has a Huge Vulnerabilty, Get the Patch Now
As scary as Heartbleed was this past spring, it looks like virtually every Microsoft Windows user is in for a little deja vu. Microsoft just released a critical patch for a huge server vulnerability—one that affects quite a few current versions of Windows out there.
Continue Reading
http://gizmodo.com
Join the Discussion
It bugs me how every new security issue has to compare itself to Heartbleed. Well, it's not quite there yet. Schannel is pretty important, but it's difficult to discern exactly how important due to the way MS markets their stuff. If you have an internet-facing MS services (e.g. IIS, Sharepoint, Exchange, etc.), then an update-and-reboot is good. No idea about RDP. I rooted around the MS site for an hour and posted some threads and everyone's shrugging.
A more interesting question if an schannel-based clients can be exploited through this, because that would just open another can of worms.
Looks like I'm up to date with everything, guess Windows sneaked it by me in one of those nightly updates.
Windows has always been the swiss cheese os, so glad I switched to Linux 11 years ago. What I don't get is why does Windows not send everyone who uses their os said patch right now instead of expecting them to go get it? A lot of people won 't even know about this.