Trending: Now you can put your name on NASA’s Mars 2020 rover (in teeny tiny letters)

Video thumbnail for youtube video Microsoft to release new keyboard for iPads, Android tablets - GeekWireIt’s another doozy of a Patch Tuesday, with Microsoft fixing a critical vulnerability that opens computers up to remote code execution.

The vulnerability, covered under bulletin MS14-066, can allow an attacker to execute code on a Windows server if they send specially-formed packets to that device.  Patches for the flaw run all the way back to Windows Server 2003, and it looks like it has been around for a while.

What’s particularly dangerous about this remote execution flaw is that it’s in the Schannel library, which handles encryption and authentication, particularly for HTTP applications. Details about the flaw aside from its remote code execution capabilities are fairly scarce, so it’s not clear exactly what attackers would be able to do if they took advantage of the vulnerability.

According to Microsoft, the flaw hasn’t been exploited in the wild yet, so sysadmins probably don’t have to worry about past attacks using this particular vulnerability. Still, now that it has been disclosed, people should move quickly to update their computers, especially servers.

Users and administrators can get the patch through Windows Update.

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Comments

Job Listings on GeekWork

Sr. Key Account ManagerNew Hampshire Ball Bearings
Sr SDETSkyKick
Senior Software DeveloperIntegra LTC Solutions
Find more jobs on GeekWork. Employers, post a job here.