430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Security

MS14-066 – A critical bug potentially affects all Windows versions. Patch it!

MS14-066 – A critical vulnerability affects all versions of Microsoft Windows systems, its exploitation could have catastrophic consequences. Microsoft has revealed the existence of a critical vulnerability in all versions of Windows operating systems, the flaw is particularly dangerous for users that servers that expose website. Microsoft issued a security advisory (Microsoft Security Bulletin MS14-066) on the vulnerability […]

MS14-066 – A critical bug potentially affects all Windows versions. Patch it!

MS14-066 – A critical vulnerability affects all versions of Microsoft Windows systems, its exploitation could have catastrophic consequences.

Microsoft has revealed the existence of a critical vulnerability in all versions of Windows operating systems, the flaw is particularly dangerous for users that servers that expose website. Microsoft issued a security advisory (Microsoft Security Bulletin MS14-066) on the vulnerability that could be exploited remotely to execute arbitrary code.

The vulnerability resides in the Microsoft secure channel (schannel) security component that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) standard authentication protocols.

“Schannel is part of the security package that helps provide an authentication service to provide secure communications between client and server. For more information, see Secure Channel.”

In the MS14-066 bulletin Microsoft explained that a failure to properly filter specially formed packets allow bad actors to run an attack by sending specially crafted packets to a Windows-based server.

“The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. This security update is rated Critical for all supported releases of Microsoft Windows.” states the MS14-066 security advisory.

Microsoft warns that the flaw affects Windows servers, but it is rated critical for both client and server versions of Windows. Experts speculate that the remote-code vulnerability may impact every Windows-based system that run software that listen Internet ports and accepts encrypted connections from outside, for example a server that exposes an FTP service accepting connections from the Internet.

Microsoft Security Bulletin MS14-066 - Critical

The overall impact of the vulnerability could be dramatic, this is the last case in order of time for major flaws that are threatening the security of the Internet users like the Heartbleed bug in OpenSSL library.

I invite you to read the FAQ session of the MS14-066 Microsoft security advisory, the company explains that there are no mitigating factors and no workarounds for the vulnerability.

What might an attacker use the vulnerability to do? 
An attacker who successfully exploited this vulnerability could run arbitrary code on a target server.

How could an attacker exploit the vulnerability? 
An attacker could attempt to exploit this vulnerability by sending specially crafted packets to a Windows server.

What systems are primarily at risk from the vulnerability? 
Server and workstation systems that are running an affected version of Schannel are primarily at risk.

Microsoft also evaluated the Exploitability of the flaw as “likely” for every Windows version, as reported in exploitation index. In time I’m writing there is no evidence of attacks in-the-wild that are exploiting the bug against Windows servers. Of course, the MS14-066 is part of this month’s Patch Tuesday batch, which included also a fix for a zero-day vulnerability exploited in cyber espionage campaigns against high-profile targets worldwide.

If you use a Windows system, don’t wast time update is immediately.

Pierluigi Paganini

(Security Affairs –  MS14-066, Windows)