Users of Windows 2003/2008/2012, as well as Vista, 7, 8, 8.1, and Windows RT, could be under attack from a bug which Microsoft reported could “allow remote code execution if an attacker sends specially crafted packets to a Windows server.”

Machines are vulnerable in the Secure Channel (Schannel) security package in Windows, says Microsoft, from threats that are able to remotely send data packets to your computer by running arbitrary code on a target server. The Schannel library deals with encryption and authentication in Windows.

Once your computer has been infected Microsoft reported that there is as yet no turnaround or mitigation possible. The Redmond company has asked that users install the security patch immediately, via an update known as the MS14-066 patch. Windows users should also run a scheduled update.

So far there’s been no record of attacks on the general public, but a stitch in time in this case could save your machine from impending disaster. This new scare may bring back bad memories of the notorious Heartbleed bug last April, which would have allowed hackers to spy on your computer.

In an updated bulletin, Microsoft revealed the most severe damage from an attack. Some of these details included, “If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

A full list of vulnerabilities is listed, and they are scary enough. We suggest you update now.

photo credit: Brian Klug via photo pin cc