Windows yesterday published a critical security bulletin addressing a vulnerability that, according to researches at IBM, has been “sitting in plain sight.” Microsoft has also released an update to patch the vulnerability.

IBM reported the bug privately to Microsoft in May, noting that it “could allow remote code execution if an attacker sends” a very specific set of code to your Windows server, allowing the attacker to “reliably run code remotely and take over the user’s machine”.

Who is affected?

The vulnerability affects just about all Windows platforms out in the wild today:

What are we doing about it?

If you’re a CompuCARE client, you’re covered. Our platform started rolling out the patch to your computers last night, and we expect the roll-out to be complete by tomorrow morning. Nothing to do but sit back, relax, and let us handle the stressful bits.

Update rollout status

What can you do about it?

If you’re not a CompuCARE client, we suggest you immediately take one of the following actions:

There is some good news

According to Gizmodo, as of now “Microsoft isn’t aware of anyone actually taking advantage of this vulnerability.”

Vulnerability FAQ

Microsoft offered the following FAQ about this vulnerability:

  • What might an attacker use the vulnerability to do?
    • An attacker who successfully exploited this vulnerability could run arbitrary code on a target server.
  • How could an attacker exploit the vulnerability?
    • An attacker could attempt to exploit this vulnerability by sending specially crafted packets to a Windows server.
  • What systems are primarily at risk from the vulnerability?
    • Server and workstation systems that are running an affected version of Schannel are primarily at risk.