B-3-YP45RV

Schannel Vulnerability

Blog Post created by B-3-YP45RV Employee on Nov 17, 2014

What is Schannel:

Just like OpenSSL implements SSL on many Unix systems, Schannel is the standard SSL library that provides SSL and TLS on Microsoft Windows platforms.

 

Schannel Vulnerability:

Due to a flaw in Schannel (CVE-2014-6321), a remote attacker could execute arbitrary code on both client and server applications; and compromise the vulnerable systems.

Microsoft has indicated that currently there are no known publicly available exploits and developing exploit code will be challenging. Blackhats love challenges

 

Akamai's Perspective:

Akamai's globally distributed platform runs on customize Unix platform and uses OpenSSL; and is not prone to this vulnerability. For customer's origin running Microsoft Windows servers, our edge servers negotiate SSL with the end user's browser (attacker) and doesn't expose the vulnerable origin to the end user (attacker).

However, an attacker can exploit this vulnerability by performing direct to origin attack and it is highly recommended to use SiteShield for prevention against direct to origin attacks.

 

Good Reads:

http://www.kb.cert.org/vuls/id/505120

http://msdn.microsoft.com/en-us/library/windows/desktop/aa380123(v=vs.85).aspx

Outcomes