| VID |
26540 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Hotfix (MS10-085, 2207566) for 'Vulnerability in SChannel Could Allow Denial of Service' has not been applied.
This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow denial of service if an affected system received a specially crafted packet message via Secure Sockets Layer (SSL). By default, all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not configured to receive SSL network traffic. The security update addresses the vulnerability by changing the way that SChannel processes protocol requests while handling incoming SSL connections.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/Bulletin/MS10-085.mspx
* Platforms Affected:
Windows Server 2003 SP2
Windows Vista SP1 and SP2
Windows Vista x86 SP1 and SP2
Windows Server 2008 and SP2
Windows Server x64 2008 and SP2
Windows Server for Itanium-based
Windows 7
Windows 7 x64
Windows Server x64 2008 R2
Windows Server 2008 R2 for Itanium-based |
| Recommendation |
Apply the appropriate patch (2207566) for your system, as listed in Microsoft Security Bulletin MS10-085 at http://www.microsoft.com/technet/security/bulletin/ms10-085.mspx |
| Related URL |
CVE-2009-3229 (CVE) |
| Related URL |
43780 (SecurityFocus) |
| Related URL |
(ISS) |
|
