This is a critical update, a really, really critical patch that must be applied ASAP to all Windows machines. Fortunately there doesn’t seem to be a live exploit in the wild being used, but that doesn’t mean someone doesn’t have one.<\/p>\n
Patch Tuesday this month is a genuinely huge (and rather important) set of updates. <\/p>\n
Microsoft has been forced to issue a critical patch for a vulnerability that affects every current version of its Windows operating system.<\/p>\n
The bug affects code in the Microsoft secure channel (schannel) security component. This component implements the secure sockets layer and transport layer security (TLS) protocols.<\/p>\n
A flaw in the code means it fails to properly filter specially formed packets allowing hackers to execute code remotely on an affected Windows machine.<\/p>\n
According to the advisory, the flaw affects Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 8\/8.1, Windows Server 2012\/2012 R2, and Windows RT\/RT 8.1 machines. The flaw is rated critical for all affected operating systems. <\/p>\n
Microsoft said that it \u201chad not received any information to indicate that this vulnerability had been publicly used to attack customers\u201d. <\/p><\/blockquote>\n