SCF Advanced Search

  • Total Posts: 40150
  • Total Topics: 14260
  • Online Today: 697
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)

Author Topic: Vulnerability in the Windows Schannel Security Package Could Allow Remote Code E  (Read 2907 times)

0 Members and 1 Guest are viewing this topic.


  • SCF Global Moderator
  • *****
  • Posts: 1076
  • KARMA: 22
  • Gender: Male
General Information
Executive Summary

This critical security update resolves a privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS. However, attempts to exploit this vulnerability would most likely result in the Internet Web browser or application exiting. The system would not be able to connect to Web sites or resources using SSL or TLS until a restart of the system.

This is a critical security update for supported editions of Windows XP, important for editions of Windows 2003, and moderate for editions of Windows 2000. For more information, see the subsection, Affected and Non-Affected Software, in this section.

This security update addresses the vulnerability by modifying the way that the client parses server-key exchange data sent from the server. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update immediately.

Known Issues. None

Update Replacement. This security update does not replace a prior security update.
# Online Anti-Malware Scanners:,734.0.html

Samker's Computer Forum -


With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters)

Enter your email address to receive daily email with ' - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising