MS15-121: Security Update for Schannel to Address Spoofing (3081320)
Medium Nessus Plugin ID 86827
SynopsisThe remote Windows host is affected by a spoofing vulnerability.
DescriptionThe remote Windows host is affected by a spoofing vulnerability due to a weakness in the Secure Channel (SChannel) TLS protocol implementation. A man-in-the-middle attacker can exploit this vulnerability to impersonate a victim on any other server that uses the same credentials as those used between the client and server where the attack is initiated.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, RT, 2012, 8.1, RT 8.1, and 2012 R2.