In light of the “potentially catastrophic bug” that has been reported to be targeting all versions of Windows, Gavin Millard, EMEA Technical Director for Tenable Network Security, comments:
“Whilst no proof of concept code has surfaced yet, due to Microsoft thankfully being tight-lipped on the exact details of the vulnerability, it won’t be long until one does which could be disastrous for any admin that hasn’t updated. It is of critical importance that all versions of Windows are updated due to the ability of attackers to execute code on the server remotely, allowing them to gain privileged access to the network and lead to further exploitation such as infect hosts with malware or rootkits and the exfiltration of sensitive data.
“Is “WinShock” as bad as ShellShock and Heartbleed? At the moment, due to the lack of details and proof of concept code it’s hard to say, but a remote code execution vulnerability affecting all versions of Windows server on a common component like Schannel is up there with the worst of them.
“As per usual with the “Bug Du Jour”, it is of upmost importance that every system in the environment is identified and patched, if required, to reduce the risk of data loss from targeted attackers and the impact of any worms or malware that may surface over the coming days.”