Microsoft Windows SChannel Could Allow Spoofing Vulnerability ( 11 March 2009 )

Impact

• Spoofing

System / Technologies affected

• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Service Pack 3
• Microsoft Windows XP Professional x64 Edition
• Microsoft Windows XP Professional x64 Edition Service Pack 2
• Microsoft Windows Server 2003 Service Pack 1
• Microsoft Windows Server 2003 Service Pack 2
• Microsoft Windows Server 2003 x64 Edition
• Microsoft Windows Server 2003 x64 Edition Service Pack 2
• Microsoft Windows Server 2003 SP1 (Itanium)
• Microsoft Windows Server 2003 SP2 (Itanium)
• Microsoft Windows Vista
• Microsoft Windows Vista Service Pack 1
• Microsoft Windows Vista x64 Edition
• Microsoft Windows Vista x64 Edition Service Pack 1
• Microsoft Windows Server 2008 (32-bit)
• Microsoft Windows Server 2008 (x64)
• Microsoft Windows Server 2008 (Itanium)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch

• Microsoft Windows 2000 Service Pack 4
• Windows XP Service Pack 2
• Windows XP Service Pack 3
• Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2
• Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2
• Windows Server 2003 x64 Edition and Windows Server 2003 x64 Edition Service Pack 2
• Windows Server 2003 with SP1 for Itanium-based Systems and Windows Server 2003 with SP2 for Itanium-based Systems
• Windows Vista and Windows Vista Service Pack 1
• Windows Vista x64 Edition and Windows Vista x64 Edition Service Pack 1
• Windows Server 2008 for 32-bit Systems
• Windows Server 2008 for x64-based Systems
• Windows Server 2008 for Itanium-based Systems

Vulnerability Identifier

• CVE-2009-0085

Source

• Microsoft
• VUPEN
• Secunia

Related Link

• http://www.microsoft.com/technet/security/Bulletin/MS09-007.mspx
• http://www.vupen.com/english/advisories/2009/0660
• http://secunia.com/advisories/34215/