Issue:
Schannel Remote Code Execution (CVE-2014-6321)
The affected host is vulnerable to remote code execution due to improper processing of packets by the Secure Channel (Schannel) security package.
Risk Level:
High
Implication:
An attacker can exploit this issue by sending specially crafted packets to a Windows server and gain unauthorised access over the server.
Recommendation:
Microsoft has released a set of patches for Windows 2008. The affected host should be patch to the latest security update https://technet.microsoft.com/en-us/library/security/ms14-066.
How to do manual verification:
Click on the link below:
https://github.com/anexia-it/winshock-test
No comments:
Post a Comment