[HUB] MS14-066: Vulnerability in Schannel could allow remote code execution

Refers to:

  • Plesk

Created:

2016-11-16 13:10:29 UTC

Modified:

2016-12-21 20:07:02 UTC

0

Was this article helpful?


Have more questions?

Submit a request

[HUB] MS14-066: Vulnerability in Schannel could allow remote code execution

Information

Microsoft has revealed vulnerability in Microsoft Secure Channel (Schannel) security package in Windows. It affects all modern versions of Windows, including Windows Server 2003/2008/2012, Vista, 7, 8, 8.1, and Windows RT.

There aren't any known exploits that have actually used this vulnerability yet, however it is highly recommended to install security patch. Please refer to Microsoft TechNet article for details:

MS14-066 - Vulnerability in Schannel Could Allow Remote Code Execution (2992611)

Impact

The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. According to Microsoft security bulletin at the time it was issued, there was no information to indicate that this vulnerability had been publicly used to attack customers.

This security update is rated Critical for all supported releases of Microsoft Windows.

Resolution

To close the vulnerability on Windows-based hosts install the security patch from Windows Update.

For specific Parallels products, here is the list of articles which you may refer to:

Parallels Plesk

Parallels Plesk Automation

Parallels Containers for Windows

Parallels Cloud Server

Parallels Virtual Automation

Parallels Operations Automation + Parallels Business Automation - Enterprise

Parallels Business Automation - Standard

Parallels H-Sphere

Parallels Helm

Have more questions? Submit a request
Please sign in to leave a comment.