Skip to content ↓ | Skip to navigation ↓

Microsoft’s November 2014 security bulletins brought a dizzying number of fixes; however, one vulnerability stood out in everyone’s minds.

MS14-066 addressed a remote code execution issue with Microsoft SChannel, which provides SSL capabilities to Microsoft third-party products. Like other SSL bugs discovered this year, the vulnerabilities patched in MS14-066 have the potential to be huge.

Why exactly are these vulnerabilities so dangerous?

Listen to our latest Security Slice podcast and hear Tyler RegulyLane ThamesKen Westin and Craig Young discuss why this vulnerability isn’t getting Heartbleed-like media attention in spite of its potential impact and why businesses should patch this bug first.






picCheck out Tripwire SecureScan™, a free, cloud-based vulnerability management service  for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Shellshock and Heartbleed vulnerability.

picThe Executive’s Guide to the Top 20 Critical Security Controls

Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].

Title image courtesy of ShutterStock

Tripwire University