Microsoft released security bulletin MS14-066.
Microsoft has revealed vulnerability in Microsoft Secure Channel (Schannel) security package in Windows. It affects all modern versions of Windows, including Windows Server 2003/2008/2012, Vista, 7, 8, 8.1, and Windows RT. There are not any known exploits that have actually used this vulnerability yet.
Detailed information for this security bulletin can be obtained from the following TechNet article:
The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. When Microsoft security bulletin was issued, there was no information to indicate that this vulnerability had been publicly used to attack customers.
This security update is rated Critical for all supported releases of Microsoft Windows.
This guide contains instructions how to install Update KB2992611 on a Parallels Virtuozzo Containers for Windows servers.
KB2992611 contains new system drivers, thus it requires corresponding VZU update which provides support for the it to be installed. Below you may find a compatibility table.
|PVC version||PVC Update that provides compatibility for KB2992611|
|PCW 6.0||Compatible since VZU600016|
|PVCfW 4.6||Compatible since VZU460078|
For Compatible versions
Install latest available VZU update
Reboot the Hardware Node
- Reboot Hardware Node
For the hosts that reached Windows Support Pack End-Of-Life:
If no Windows updates are detected after installing the VZU update, please check the following article:
Windows updates are not detected: Windows Service Pack reached End-Of-Life .
For Incompatible PVC versions:
PVCfW versions that reached End of Life are considered incompatible - updates with support for KB2992611 will not be released. Therefore, if you're using PVCfW 4.0 or PVCfW 4.5, you'll need to upgrade up to PVCfW 4.6 in order to be able to install the update.
For upgrade instructions refer to documentation.