Microsoft’s November 2014 security bulletins brought a dizzying number of fixes; however, one vulnerability stood out in everyone’s minds.
MS14-066 addressed a remote code execution issue with Microsoft SChannel, which provides SSL capabilities to Microsoft third-party products. Like other SSL bugs discovered this year, the vulnerabilities patched in MS14-066 have the potential to be huge.
Why exactly are these vulnerabilities so dangerous?
Listen to our latest Security Slice podcast and hear Tyler Reguly, Lane Thames, Ken Westin and Craig Young discuss why this vulnerability isn’t getting Heartbleed-like media attention in spite of its potential impact and why businesses should patch this bug first.
CLICK HERE TO LISTEN TO THE PODCAST
- Security Slice: Worried About Wirelurker
- Security Slice: Harsh Security Lessons
- Security Slice: Command and Control Evolution
- Security Slice: I Spy with the FBI
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock