---------------------------------------------------------------------- Did you know? Our assessment and impact rating along with detailed information such as exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list? Click here to learn more about our commercial solutions: http://secunia.com/advisories/business_solutions/ Click here to trial our solutions: http://secunia.com/advisories/try_vi/ ---------------------------------------------------------------------- TITLE: Microsoft Windows SChannel Authentication Bypass SECUNIA ADVISORY ID: SA34215 VERIFY ADVISORY: http://secunia.com/advisories/34215/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security mechanisms. The vulnerability is caused due to insufficient validation of certain TLS (Transport Layer Security) handshake messages by the SChannel (Secure Channel) authentication component during certificate-based authentication. This can be exploited to bypass authentication using the public component of a user’s authentication credential. SOLUTION: Apply patches. Windows 2000 SP4: http://www.microsoft.com/downloads/details.aspx?familyid=bf7065bc-c183-4a78-8d46-72fe7385c07c Windows XP SP2: http://www.microsoft.com/downloads/details.aspx?familyid=942d87f6-3cb1-4d36-a70a-70d9c34488f3 Windows XP SP3: http://www.microsoft.com/downloads/details.aspx?familyid=942d87f6-3cb1-4d36-a70a-70d9c34488f3 Windows XP Professional x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=6d02306e-9e2e-4ae8-bd21-8a2c1a229472 Windows Server 2003 SP1/SP2: http://www.microsoft.com/downloads/details.aspx?familyid=0b3f6fdd-276e-4267-99d8-8f00d91ad6a2 Windows Server 2003 x64 Edition (optionally with SP2): http://www.microsoft.com/downloads/details.aspx?familyid=ce98ff55-f565-469d-bbd2-32b681faf908 Windows Server 2003 with SP1/SP2 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=5ca3c72c-cadb-4b0a-b3a3-fb81d0bfd7b3 Windows Vista (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=21086a04-402a-4940-8358-7fa63508102b Windows Vista x64 Edition (optionally with SP1): http://www.microsoft.com/downloads/details.aspx?familyid=c75a2ea9-b42f-457b-be09-5c8fa0339388 Windows Server 2008 for 32-bit Systems: http://www.microsoft.com/downloads/details.aspx?familyid=47b361ce-624b-466c-b5c5-8703f6532615 Windows Server 2008 for x64-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=5c81ac45-60e6-4121-ab6b-d3b3179aacc4 Windows Server 2008 for Itanium-based Systems: http://www.microsoft.com/downloads/details.aspx?familyid=bf8f5a86-1757-4f9b-b632-d4aa7005a9f8 PROVIDED AND/OR DISCOVERED BY: The vendor credits: * Secretaria da Fazenda do Estado do Rio Grande do Sul * Cia de Processamento de Dados do Estado do Rio Grande do Sul ORIGINAL ADVISORY: MS09-007 (KB960225): http://www.microsoft.com/technet/security/Bulletin/MS09-007.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------