ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB980436

Vulnerabilities in SChannel could allow remote code execution

This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The more severe of these vulnerabilities could allow remote code execution if a user visits a specially crafted Web site that is designed to exploit these vulnerabilities through an Internet Web browser. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to convince users to visit the Web site, typically by getting them to click a link in an e-mail message or in an Instant Messenger message that takes users to the attacker’s Web site. The security update addresses the vulnerabilities by implementing RFC 5746 and additional validation on SSL responses returned by a server.

There is a download that resolves this issue.
32-bit Download: Contact Microsoft
64-Bit Download: Contact Microsoft

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB980436.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts