SChannel Update and Experimental Vulnerability Scanner (MS14-066)

Published: 2014-11-14
Last Updated: 2014-11-14 13:19:35 UTC
by Johannes Ullrich (Version: 1)
6 comment(s)

Just a quick update on the SChannel problem (MS14-066, CVE-2014-6321). So far, there is still no public available exploit for the vulnerability, and details are still sparse. But apparently, there is some progress in developing a working exploit. For example, this tweet by Dave Aitel :

Overall: Keep patching, but I hope your weekend will not be disrupted by a major new exploit being released.

Emerging Threats also released some public/free snort rules that promise to cover the various vulnerabilities patched by MS14-066. (

I also got a VERY experimental scanner that may be helpful scanning for unpatched hosts. This scanner does not scan for the vulnerability. Instead, it scans for support for the 4 new ciphers that were added with MS14-066. Maybe someone finds it helpful. Let me know if it works. It is a bash script and uses openssl on Unix. You will need at least openssl version 1.0.1h (and you need to connect directly to the test server, not a proxy).

See:  (sig:

feedback welcome.


Johannes B. Ullrich, Ph.D.

6 comment(s)


Some systems we've patched show the new GCM ciphers, however, others don't.

Have a feeling the GCM ciphers only appear for TLSv1.2, which may or may not be enabled, depending on other aspects of the server config.

Also, the MS14-066 advisory mentions adding 4 GCM ciphers, whereas one of your 4 doesn't look to be GCM, so I'm not sure how it fits in.

Unfortunately, it seems the Snort rules from Emerging Threats are not open, only available for Pro subscribers.
User-defined signatures for McAfee NSM will be released here as soon as they get them written. It's just for NSM and requires you be registered with McAfee support (not free either).
If anybody knows of a free set of signatures, I'd like to get my hands on them.
There appears to be additional progress being made on an exploit. The evidence suggests that Windows 2003 in particular could be exploited:

In one case, the author threatens to anonymously publish the exploit code if Microsoft does not change the exploitability assessment to 0- Exploitation Detected by the end of Friday, 11/14/14.

"Microsoft has until the end of day Friday the 14th to change MS14-066 Exploit-ability Assessment to "0- Exploitation Detected". If they do not, I will anonymously distribute "The Exploit"."
I think it's correct that the new ciphers require TLS 1.2 to be enabled. That seems to be disabled by default on Windows 2012 and Windows 2008 R2, and not supported on any older platforms. Also, I think Windows 2012 R2 already supported these ciphers prior to this hotfix.
There was a respin done on MS14-066 to fix the reported issues. Here is the announcement:

MS14-066 - Critical
- Reason for Revision: V2.0 (November 18, 2014): Bulletin revised to announce the reoffering of the 2992611 update to systems running Windows Server 2008 R2 and Windows Server 2012. The reoffering addresses known issues that a small number of customers experienced with the new TLS cipher suites that were included in the original release. Customers running Windows Server 2008 R2 or Windows Server 2012 who installed the 2992611 update prior to the November 18 reoffering should reapply the update. See Microsoft Knowledge Base Article 2992611 for more information.
- Originally posted: November 11, 2014
- Updated: November 18, 2014
- Bulletin Severity Rating: Critical
- Version: 2.0

Diary Archives