MS10-085: Vulnerability in SChannel Could Allow Denial of Service (2207566)
High Nessus Plugin ID 49962
SynopsisThe remote Windows host has a denial of service vulnerability.
DescriptionThe remote Windows host is running a version of the Secure Channel (SChannel) security package that is affected by a denial of service vulnerability. This flaw exists in the way that SChannel processes client certificates.
A remote attacker could send a specially crafted network packet to the host that would cause the LSASS service to stop responding and the system to restart.
SolutionMicrosoft has released a set of patches for Windows XP, 2003, Vista, 2008, 7, and 2008 R2.