Microsoft has revealed vulnerability in Microsoft Secure Channel (Schannel) security package in Windows. It affects all modern versions of Windows, including Windows Server 2003/2008/2012, Vista, 7, 8, 8.1, and Windows RT.
There aren't any known exploits that have actually used this vulnerability yet, however it is highly recommended to install security patch. Please refer to Microsoft TechNet article for details:
The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. According to Microsoft security bulletin at the time it was issued, there was no information to indicate that this vulnerability had been publicly used to attack customers.
This security update is rated Critical for all supported releases of Microsoft Windows.
Please check the network adapter installed in system. If it is "Parallels Virtual Network Adapter", then you are inside Parallels Virtuozzo Container; please proceed with the instructions from the corresponding article. Otherwise, please proceed with step 2.
- To close the vulnerability on physical hosts and virtual machines simply install the security patch from Windows Update. If you are not the owner of the physical host, contact the service provider with the request to have the vulnerability closed.