Remote code execution vulnerabilities in SChannel - MS10-049ID: oval:org.secpod.oval:def:1245 | Date: (C)2011-06-21 (M)2024-02-19 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS10-049. The update is required to fix remote code execution vulnerabilities. Flaws are present in the the Secure Channel (SChannel) which fails to validate a malformed certificate request message sent by the server. Successful exploitation allows an attacker to gain sensitive information such as same user rights as the logged-on user.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |