Trend Micro Raises Awareness about Microsoft Windows SChannel Vulnerability

Versions dating back to Windows ‘95 susceptible

With the revelation of a nearly two-decade old flaw in Microsoft Windows trend_micro_logoSecure Channel (SChannel), Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in security software and solutions, is recommending to Windows users that they immediately patch their systems to avoid being compromised. Windows SChannel is Microsoft’s delivery platform to securely transfer data and this potential exploit presents a “wormable” situation that could enable attackers to commandeer a system without user interaction.

Christened “Winshock,” the bug received a score of 9.3 out of 10 by the Common Vulnerability Scoring System (CVSS). Based on this classification, and the propensity for attacks following potential exploit announcements, Trend Micro’s Deep Security™ solution provides protection to combat this vulnerability. In addition, Microsoft released a patch on Tuesday.

Similar to the well-documented Heartbleed exploit, this is yet another example of a latent vulnerability that could have far-reaching effects,” said Dhanya Thakkar, Managing Director, India & SEA, Trend Micro. “When news like this breaks, cyber criminals go into hyperdrive developing attacks to take advantage of the flaw. As such, it’s important to quickly respond to avoid system disruption and compromise. We are urging our customers to make addressing this bug a top priority and we have provided resources accordingly to complement the latest Microsoft patches.”

Trend Micro experts recommend the following action:

  •  Install Microsoft patches immediately
  • Use a browser other than Internet Explorer to reduce risks
  •  Employ newer versions of Windows platforms, supported by Microsoft

Trend Micro Deep Security is equipped to protect enterprises against these types of attacks with rule DSRU14-035 covering the CVE-2014-6332 vulnerability.

Filed in: News

Related Posts

Bookmark and Promote!

© 2019 ItVoice | Online IT Magazine India. All rights reserved.
Powered by IT Voice