MS15-031 - Important: Vulnerability in Schannel Could Allow Security Feature Bypass...

Discussion in 'Security Alerts' started by News, Mar 11, 2015.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,187
    Likes Received:
    20
    Severity Rating: Important
    Revision Note: V1.0 (March 10, 2015): Bulletin published.
    Summary: This security update resolves a vulnerability in Microsoft Windows that facilitates exploitation of the publicly disclosed FREAK technique, an industry-wide issue that is not specific to Windows operating systems. The vulnerability could allow a man-in-the-middle (MiTM) attacker to force the downgrading of the key length of an RSA key to EXPORT-grade length in a TLS connection. Any Windows system using Schannel to connect to a remote TLS server with an exploitable cipher suite is affected.

    Continue reading...
     

Share This Page

Loading...