How To Fix The Microsoft Schannel Vulnerability

A new vulnerability in Microsoft’s Schannel communication was published on November 11th. The IT community is working to determine the impact of this vulnerability, but it appears to be quite serious.

windows-bugs

Swift installs Microsoft Windows updates for all of our managed IT services and contract customers as part of their regularly scheduled maintenance. If you manage your own system security, Swift strongly recommends that you install the most recent Microsoft Windows updates on all Windows systems on your network ASAP.

IBM identified the vulnerability and Microsoft released a patch to address the “19 year old bug” in this week’s scheduled security updates.

This vulnerability, dubbed WinShock by some, is an SSL/TLS bug that affects a wide array of Microsoft products. This software exploit could be used to steal information from computer and server systems and even take over entire networks. This is a concern because Microsoft Windows is pervasively used in business and this bug is currently rated 10 out of a possible 10 for severity on the Common Vulnerability Scoring System (CVSS). Schannel is isolated to Windows operating systems, and there is no evidence that this vulnerability has been exploited “in the wild” at this time. For comparison, the Heartbleed vulnerability was rated a 5 out of 10 on the CVSS scale and widely used Linux-based systems were vulnerable to attack.

It appears that this week’s patch completely fixes the vulnerability. Swift will continue to monitor updates concerning WinShock and will send another announcement if anything significant develops.

For more technical details, please read the most recent Microsoft Security Bulletin MS14-066 – Critical and National Institute of Technology (NIST) Vulnerability Summary.

Swift Systems is aware that security threats are constantly changing and evolving and we work diligently to protect our networks and yours at all times.

Please call Swift IT at 301.682.5100 or email sales@swiftsystems.com if you have any questions or concerns.

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
LoadingLoading...

Let our Specialists take care of your IT Support

3CX VoIP Bundle
The Owner’s Guide to Lean IT

IT systems are foundational to modern businesses. Too often, that foundation is unsteady. Unpredictable outages, insecure networks, and unreliable performance from mission-critical systems can jeopardize your entire business.

There’s a better way. Learn how.

Schedule Free Network Assessment

Stop Worrying About Your IT

Get in touch with us for a free consultation with one of our technical experts. We’ll review your current systems, assess your needs, and identify the coverage options to best meet them.

Get in touch with us by phone:

Sales: 301-682-1500

Support: 301-690-4357