Microsoft, today patched a critical windows vulnerability which affects all modern computers starting from windows 7 which scales almost equal to Heartbleed SSL vulnerability. The patch is MS14-066, or technically known as “Vulnerability in Schannel Could Allow Remote Code Execution,” which affects Windows Server 2003/2008/2012, Vista, 7, 8, 8.1 and Windows RT.
This is particularly bad as the hole itself is in the Schannel library, which is the layer that handles encryption and authentication in Windows, particularly for HTTP applications.
The good news is that Microsoft says there is no evidence this bug has been exploited in the wild and there’s a patch out right now on Windows Update. Server admins, prepare for a long day.
More information available here. MS14-066
