Welcome to the Virus Encyclopedia of Panda Security.
|worm, Trojan or backdoor. It is an important vulnerability in the Windows SChannel on Windows Server 2008/Vista/2003/XP/2000 computers, which allows spoofing.|
The Schannel (Secure Channel) is part of the security package that provides an authentication service to allow secure communications between client and server.
If exploited successfully, MS09-007 allows an attacking user to impersonate another user and authenticate against a protected server using the public component of the user's authentication credential.
MS09-007 is usually exploited by gaining access to the public component of the actual certificate used by the end user for authentication.
If you have a Windows Server 2008/Vista/2003/XP/2000 computer, it is recommended to download and apply the security patch for this vulnerability. Click here to access the web page for downloading the patch.
Bear in mind that for certain operating system versions this security patch replaces a previous one, called MS07-031.