The discovery of the Heartbleed bug earlier this year was thought to be the biggest security issue of the year. While it has largely been dealt with, Microsoft has recently announced a similar and equally large potential threat. While details are fairly scarce, and there is a fix to avoid this issue, it is a threat all businesses with Windows Servers should be aware of.

The new security problem

On November 11, 2014, Microsoft released a patch for nearly all versions of Microsoft Server, along with patch notes that included the reason why the patch was released. In short, it was released to plug a security gap that the company calls the Schannel Remote Code Execution Vulnerability.

This cryptically named vulnerability essentially allows hackers to execute code remotely by sending specially structured packets of data to a server. Packets are the basic units into which data is divided for transmission over a network.

Hackers can structure certain data into packets and then exploit a bug in Microsoft Server software, potentially gaining full remote access to that server and the ability to execute whatever code they choose, including giving themselves full access to the systems and data hosted on your server.

This bug is particularly destructive because it affects the Schannel library on servers, which is responsible for encryption and authentication in Windows.

What versions of Windows Server are affected by this bug?

This bug can potentially be found on nearly every version of Windows and Windows Server currently in use by companies, including:

  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows 8/8.1
  • Windows Server 2012/2012 R2
  • Windows RT/RT 8.1

In other words, pretty much any business using Windows and Windows Server is at risk.

What should we do?

While this appears to be a big issue, and in truth it is, Microsoft has noted that they are unaware of anyone actually exploiting this bug as of the writing of this article. The company has also released a patch, MS14-066, that is supposed to fix the problem.

Therefore, the best action you can take is to update all of your systems running Windows. While it primarily affects servers, this could become a widespread issue if systems are not updated. What we recommend is contacting us as soon as possible. We can help ensure that all of your systems are updated and protected from this bug.

If you would like to learn more about Windows and how you can keep your systems secure, please do call us today.

Published with permission from TechAdvisory.org.