CVE-2014-6321
Name: CVE-2014-6321 / MS14-066
Threat Type: Vulnerability
Severity: 10/10
Target: All unpatched versions of Windows
Release Date: 11th November 2014
Attack Surface: Huge – every version of Windows is vulnerable.
Summary: A privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows (the component that enables secure communication, e.g. SSL/TLS) . The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. The available patch from Microsoft corrects how Schannel sanitizes specially crafted packets.
Root Cause: Design flaw in Microsoft Secure Channel (Schannel) security package in Windows.
Remediative Action: Deploy Microsoft provided patches from Microsoft Windows Update. More details here https://technet.microsoft.com/library/security/MS14-066
Cognition View: This is bad. Really bad. All versions of Windows are affected and who knows how often this vulnerability has been exploited in the wild. All it takes is a user to send specially crafted packets to an Internet facing IIS server and they can then remotely execute code and own the box. In turn the attacker can do pretty much anything with that server, including spreading malware to any client that connects to it. Cognition’s advice on this one is to patch as soon as you can. Ideally test every patch against your applications first, but just remember that each minute you delay is another minute you’re exposed.
EVERY attacker in the world will be trying to exploit this vulnerability today so you need to get patching, NOW!
Full Details: https://technet.microsoft.com/library/security/MS14-066
The post CVE-2014-6321 appeared first on Cognition.
About Cognition
Cognition is a Specialist Cyber Security Integrator, focused on delivering the very best security guidance and providing an unprecedented level of service. The team is comprised solely of industry experts with each providing the best intelligence with a real world approach. It is this philosophy that enables Cognition to cut through the complexity of today’s threat landscape and provide the latest innovative security solutions that deliver true business value. Learn more about Cognition at https://cognitionsecure.com.