MS.IIS.SChannel.Certificate.Verify.DoS
Description
This indicates an attack attempt against a denial-of-service vulnerability in the Secure Channel (SChannel) security package in Microsoft Windows.
The vulnerability is caused by improper processing of client certificates during SSL and TLS handshakes. An attacker may exploit this to cause the system to crash, causing a denial-of-service condition.
Affected Products
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the following update from the vendor:
http://www.microsoft.com/technet/security/Bulletin/MS10-085.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |