• idlethreat
    +5

    It bugs me how every new security issue has to compare itself to Heartbleed. Well, it's not quite there yet. Schannel is pretty important, but it's difficult to discern exactly how important due to the way MS markets their stuff. If you have an internet-facing MS services (e.g. IIS, Sharepoint, Exchange, etc.), then an update-and-reboot is good. No idea about RDP. I rooted around the MS site for an hour and posted some threads and everyone's shrugging.

    A more interesting question if an schannel-based clients can be exploited through this, because that would just open another can of worms.