Vulnerability Protection

Vulnerability in SChannel Could Allow Spoofing

Summary

A vulnerability involving SChannel could, if successfully exploited, lead to address spoofing. 

Detailed Description


Microsoft has released a security update to address a vulnerability involving SChannel in Microsoft Windows. The vulnerability was caused by a weakness in the TLS protocol. An attacker who successfully exploits this vulnerability could be able to impersonate a victim on any server using the same credentials as those used between the client and server where the attack first took place. 

CVE Reference


  • CVE-2015-6112 

Solution


Install the latest security patch for applicable systems, available for download from https://technet.microsoft.com/en-us/library/security/MS15-121

Source


Microsoft Security Bulletin MS15-121

Get Support

For documentation and product support, visit our support site.

Go Support

F-Secure Community

Give advice. Get advice. Share the knowledge on our free discussion forum.

Go Community