F-Secure
Tools
Microsoft Window Secure Channel (SChannel) Vulnerabilities
| Report ID: | SA201006489 |
| Source: | F-Secure |
| Date of Discovery: | 10.08.2010 |
| Criticality: | Critical |
| Affects: | Windows XP Windows Server 2003 Windows Vista Windows Server 2008 Windows 7 Windows Server 2008 R2 |
| Compromise From: | From remote |
| Compromise Type: | Spoofing Remote code execution |
Summary
Two reported vulnerabilities in Microsoft Windows Secure Channel (SChannel) could lead to spoofing and remote code execution.
Detailed Description
Microsoft has reported two vulnerabilities in Windows Secure Channel (SChannel), which could separately be exploited by an attacker to spoof an authenticated client and to execute arbitrary code.
The two reported vulnerabilities are as follows:
• A TLS/SSL renegotiation vulnerability is caused by an attacker abusing the renegotiation functionality defined by the TLS protocol. A successful exploit of this vulnerability could allow the attacker to introduce information on a TLS/SSL protected connection; thus, spoofing the authenticated client.
• A SChannel malformed certificate request vulnerability, caused by insufficient validation of certificate request messages sent by the server, could allow an attacker to run arbitrary code and take control of an affected system.
Solution
Install the latest update for applicable system.
*Server Core installation affected.
Original Reference
Microsoft Security Bulletin MS10-049 (http://www.microsoft.com/technet/security/bulletin/MS10-049.mspx)
CVE Reference
CVE-2009-3555
CVE-2010-2566
CVE-2010-2566