Skip to main content

Microsoft Windows SChannel Could Allow Spoofing Vulnerability ( 11 March 2009 )

Last Update Date: 28 Jan 2011 Release Date: 11 Mar 2009 4059 Views

RISK: Medium Risk

A spoofing vulnerability exists in the Microsoft Windows SChannel authentication component when using certificate based authentication. An attacker who successfully exploited this vulnerability would be able to authenticate to a server using only an authorized user¡¦s digital certificate and without the associated private key.


Impact

  • Spoofing

System / Technologies affected

  • Microsoft Windows 2000 Service Pack 4
  • Microsoft Windows XP Service Pack 2
  • Microsoft Windows XP Service Pack 3
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows XP Professional x64 Edition Service Pack 2
  • Microsoft Windows Server 2003 Service Pack 1
  • Microsoft Windows Server 2003 Service Pack 2
  • Microsoft Windows Server 2003 x64 Edition
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2
  • Microsoft Windows Server 2003 SP1 (Itanium)
  • Microsoft Windows Server 2003 SP2 (Itanium)
  • Microsoft Windows Vista
  • Microsoft Windows Vista Service Pack 1
  • Microsoft Windows Vista x64 Edition
  • Microsoft Windows Vista x64 Edition Service Pack 1
  • Microsoft Windows Server 2008 (32-bit)
  • Microsoft Windows Server 2008 (x64)
  • Microsoft Windows Server 2008 (Itanium)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch


Vulnerability Identifier


Source


Related Link