This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a remote code execution vulnerability in Microsoft Secure Channel.
Microsoft Secure Channel (Schannel) security package is a Security Support Provider (SSP) that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols.
Microsoft Secure Channel is prone to a remote code-execution vulnerability because it fails to properly handle specially crafted packets.
An attacker can leverage this issue to execute arbitrary code in the context of the target server. Failed exploit attempts will result in denial-of-service conditions.
- Various Microsoft Platforms