Intrusion Prevention

MS.Windows.Schannel.Security.Package.Code.Execution

Description

This indicates an attack attempt against a remote code execution vulnerability in Microsoft Windows Schannel.
The vulnerability is caused by improper validation of digital signatures from remote server. It could allow remote attacker to exploit this vulnerability by visiting malicious web site. Successful exploitation could allow remote code execution or cause denial of service.

Affected Products

Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 SP2 (Itanium)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://www.microsoft.com/technet/security/Bulletin/ms07-031.mspx

CVE References

CVE-2007-2218