----------------------------------------------------------------------

Did you know? Our assessment and impact rating along with detailed
information such as exploit code availability, or if an updated patch
is released by the vendor, is not part of this mailing-list?
        
Click here to learn more about our commercial solutions:
http://secunia.com/advisories/business_solutions/
        
Click here to trial our solutions:
http://secunia.com/advisories/try_vi/

----------------------------------------------------------------------

TITLE:
Microsoft Windows SChannel Authentication Bypass

SECUNIA ADVISORY ID:
SA34215

VERIFY ADVISORY:
http://secunia.com/advisories/34215/

DESCRIPTION:
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to bypass certain security mechanisms.

The vulnerability is caused due to insufficient validation of certain
TLS (Transport Layer Security) handshake messages by the SChannel
(Secure Channel) authentication component during certificate-based
authentication. This can be exploited to bypass authentication using
the public component of a user’s authentication credential.

SOLUTION:
Apply patches.

Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?familyid=bf7065bc-c183-4a78-8d46-72fe7385c07c

Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=942d87f6-3cb1-4d36-a70a-70d9c34488f3

Windows XP SP3:
http://www.microsoft.com/downloads/details.aspx?familyid=942d87f6-3cb1-4d36-a70a-70d9c34488f3

Windows XP Professional x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=6d02306e-9e2e-4ae8-bd21-8a2c1a229472

Windows Server 2003 SP1/SP2:
http://www.microsoft.com/downloads/details.aspx?familyid=0b3f6fdd-276e-4267-99d8-8f00d91ad6a2

Windows Server 2003 x64 Edition (optionally with SP2):
http://www.microsoft.com/downloads/details.aspx?familyid=ce98ff55-f565-469d-bbd2-32b681faf908

Windows Server 2003 with SP1/SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=5ca3c72c-cadb-4b0a-b3a3-fb81d0bfd7b3

Windows Vista (optionally with SP1):
http://www.microsoft.com/downloads/details.aspx?familyid=21086a04-402a-4940-8358-7fa63508102b

Windows Vista x64 Edition (optionally with SP1):
http://www.microsoft.com/downloads/details.aspx?familyid=c75a2ea9-b42f-457b-be09-5c8fa0339388

Windows Server 2008 for 32-bit Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=47b361ce-624b-466c-b5c5-8703f6532615

Windows Server 2008 for x64-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=5c81ac45-60e6-4121-ab6b-d3b3179aacc4

Windows Server 2008 for Itanium-based Systems:
http://www.microsoft.com/downloads/details.aspx?familyid=bf8f5a86-1757-4f9b-b632-d4aa7005a9f8

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
* Secretaria da Fazenda do Estado do Rio Grande do Sul
* Cia de Processamento de Dados do Estado do Rio Grande do Sul

ORIGINAL ADVISORY:
MS09-007 (KB960225):
http://www.microsoft.com/technet/security/Bulletin/MS09-007.mspx

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------