Security 10745 Published by

Microsoft updated the following security bulletin:

- MS10-085 - Important: Vulnerability in SChannel Could Allow Denial of Service (2207566) - Version:2.0



MS10-085 - Important: Vulnerability in SChannel Could Allow Denial of Service (2207566) - Version:2.0
Severity Rating: Important - Revision Note: V2.0 (October 18, 2010): Corrected the bulletin text to clarify that the vulnerability can be exploited on affected systems that are configured to receive SSL network traffic. This is an informational change only. Customers who have already successfully updated their systems, including customers with automatic updating enabled, do not need to take any action. Customers who have not installed this update previously may need to reassess whether their systems require this update based on the vulnerability information as revised.

Summary: This security update resolves a privately reported vulnerability in the Secure Channel (SChannel) security package in Windows. The vulnerability could allow denial of service if an affected system received a specially crafted packet message via Secure Sockets Layer (SSL). By default, all supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are not configured to receive SSL network traffic.
Read more