The security Flaw detected on Microsoft, Make sure you update your Pc
#Microsoft Published “#Critical” #Updates in #Security #Bulletin. Apply #Patches! In the recent Security Bulletin of November 2014, Microsoft has published about 4 Critical Security flaws,apart from some other important updates, present in almost every version of Microsoft Operating system ranging from #WindowsServer2003 to #Server2012 and , #WindowsXP to #Windows8.1 and #WindowsRT, all of which can allow #RemoteCodeExecution.
Cyber Defence Intelligence Team has analyzed the bugs carefully. We recommend our users to apply the patches available via Windows Updates. Out of all, The major vulnerability was related to the Micorosoft’s #Schannel (Secure channel) security package in Windows. According to Microsoft, the vulnerability could allow attackers to remotely execute the code if the attacker sends specially crafted packets to a Windows Server. The vulnerability is addressed by the security update by correcting how Schannel cleans specially crafted packets.
Schannel is Microsoft’s Secure Channel package which is responsible for providing identity authentication and secure, private communication through encryption.
The vulnerability affects Windows Server, or any windows based system that listens connections from internet ports and accepts encrypted connections for ex. FTP. Despite this fact that it affects Windows Server, but Microsoft has rated this vulnerability as Critical for Windows Client Operating Systems also.
Now talking about the other vulnerabilities, one is related to #WindowsOLE (Object Linking and Embedding) which allows attackers again to remotely execute malicious code. This Security update as told by Microsoft patches 2 privately reported vulnerabilities in MS OLE. If the user views a specially crafted webpage in Internet explorer, could lead to Remote code Execution for the attacker. Further if the user is logged on with Admin rights, the attacker can view, edit change or delete data; or create new accounts with full user rights, hence can even gain full system control.
Microsoft says,” Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.”
The third vulnerability is related to Miosoft XML Core Services (#MSXML), which allows attacker for remote code execution if the user visits specially crafted website that is designed to invoke MSXML Core Services through Internet Explorer.
Words by Microsoft,” In all cases, however, an attacker would have no way to force users to visit such websites. Instead, an attacker would have to convince users to visit a website, typically by getting them to click a link in an email message or in an Instant Messenger request that takes users to the attacker’s website.”
The last Critical update is related to #InternetExplorer, this update resolves 17 privately reported vulnerabilities, the most severe of these could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. If the attacker successfully exploited these vulnerabilities, could gain the same user rights as the current logged in user.
We at #Cyber #Defence #Intelligence, inform our users to patch their servers as well as personal systems as soon as possible.