Microsoft has published a critical update to the Schannel component in all versions of Windows. Reports are suggesting this vulnerability is on the same scale as Heartbleed and Shellshock vulnerabilities that effected open-source platforms earlier this year.
This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server.
This security update is rated Critical for all supported releases of Microsoft Windows.
System Administrators are being urged to take this security bulletin very seriously and apply the patch as soon as possible to all affected systems. Windows computers providing server-type functions are more likely to be targeted by attackers than desktop systems, although all current versions of Windows contain the vulnerable Schannel library.