Windows flaw allows remote code execution

If you didn't run Windows Update yesterday, now might be a good idea to do so. As Ars Technica reports, the latest Patch Tuesday updates include a fix for a critical security flaw that could allow an attacker to take control of a remote PC.

Microsoft outlines the flaw here, saying it affects the Microsoft Secure Channel package and "could allow remote code execution if an attacker sends specially crafted packets to a Windows server." Ars elaborates a little on that point, quoting Amol Sarwate of security firm Qualys as saying anyone running software that "monitors Internet ports and accepts encrypted connections" is potentially vulnerable:

"If they install software that listens on port, then that machine would be vulnerable," he said. An example would be "if they run Windows 7 but install an FTP server on it that accepts connections from outside, or a Web server on a client."

The security flaw, known as MS14-066, affects pretty much all Windows versions released within the past decade or so, from Vista to Windows 8.1 on the desktop side and from Windows Server 2003 to Windows Server 2012 R2 on the server side. Servers are obviously particularly vulnerable, but as Sarwate points out, many desktops might also be targets.

So, yeah, better make sure you're all patched up. No known exploits apparently exist in the wild yet, but that may not be the case for long.

Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.