Import Outlook Items from an Outlook Data File (.pst)

When you want to migrate Outlook messages, contacts, calendar items, tasks, and notes from one computer to another or restore a backup of your Outlook data, the Import and Export Wizard is the easiest way to complete the task.

  1. Click the File tab.
  2. Click Open.
  3. Click Import.
  4. In the Import and Export Wizard, click Import from another program or file, and then click Next.
  5. Click Outlook Data File (.pst), and then click Next.
  6. Click Browse, and then choose the file to import.

Note Under Options, it is recommended that you click Do not import duplicates unless you want the imported information to replace or duplicate items already in Outlook.

  1. Click Next.
  2. If a password was assigned to the Outlook Data File (.pst), you are prompted to enter the password, and then click OK.
  3. Set the options for importing items. The default settings usually don’t need to be changed.
  • The top folder — usually Personal FoldersOutlook Data File, or your email address — is selected automatically.
  • Include subfolders is selected by default. All folders under the folder selected will be imported.
  • The default selection of Import items into the same folder in matches the folders from the imported file to the folders in Outlook. If a folder doesn’t exist in Outlook, it will be created.
  1. Click Finish.

Tip: If you want to import or restore only a few items from an Outlook Data File (.pst), an easier way is to open the Outlook Data File, and then in the Navigation Pane (Navigation Pane: The column on the left side of the Outlook window that includes panes such as Shortcuts or Mail and the shortcuts or folders within each pane. Click a folder to show the items in the folder.) click and drag the items from Outlook Data File folders to your existing Outlook folders. For more information on opening an Outlook Data File, see Open, change, or close Outlook data files.

Migrate Google Calendar and Contacts to another Google Account

Calendar Entries

On Gmail calendar, go to Settings -> Calendars -> Export Calendars to download a ZIP of your calendars in ICAL format.

On Google Apps calendar, go to Settings -> Calendars -> Import calendar and import the ICAL entries to your calendar.

Contacts

To preserve contact groups, each group needs to be migrated individually.

On Gmail contacts, use the Export option to export each group in Google’s CSV format. Then export one more CSV of “Everyone (All Contacts)”

On Google Apps contacts, use the Import option to import the CSV of Everyone, leaving the  “Add these imported contacts to: ” option unchecked. Then, use the Import option to import each group in turn, checking the “Add these imported contacts to: New Group… ” option, and enter the name of the group.

How to Manually Remove the LTS Service for LabTech

Step(s) to Resolution

Click here to use ConnectWise Automate™ Agent Uninstaller

Manually make changes on the machine

Changes have to be made at four different locations on the local machine in the following order.

1. Services.msc

  1. Click Start, and select Control Panel.
  2. Select Administrative Tools.
  3. Click Services.
  4. Select ‘LabTech Monitoring Services’ and stop the service.
  5. Select ‘LabTech Monitoring Services CheckUp Util’ and stop the service.
  6. From a command prompt, run the following two commands to remove the services from the service list.
    • ‘sc delete ltservice’
    • ‘sc delete ltsvcmon’

2. Registry Editor

  1. From the registry editor remove the registry keys located underHKLM\Software\LabTech. If running a 64-bit OS, remove keys that may exist under HKLM\Software|Wow6432Node\LabTech.

3. Task Manager

  1. Right-click task bar.
  2. Select Start Task Manger.
  3. Under Processes tab, select ‘LTTray.exe’.
  4. Click End Process.

4. LTSvc file

  1. Go to c:\Windows.
  2. Right-click LTSvc and select Delete.
  3. Restart the machine.

Reset Domain Administrator Password using Command Line and RMM

We had a customer who likes to change the administrator password.  One day the password was changed and forgotten.  We have RMM with service level access to the server, but could not log in to the server using the standard administrator username and password.  We also neglected to set up a separate username and password for account recovery.

So, our only alternative was to reset the username and password via the command prompt.  Using NinjaRMM at the service level, we were able to open a command prompt and reset the domain username and password.  We found the article here from Top Password:  https://www.top-password.com/knowledge/reset-domain-administrator-password-in-windows-server-2012.html which helped with the steps below:

1.  Login to your RMM service
2.  Open command prompt as system service, not logged on user
3.  type “net user Administrator P@ssword123 /domain” (change the P@ssword123 to your desired password)
4.  You should see “The command completed successfully.”

How to Remove Saved Passwords from a Web Browser

Storing your Onyen password for University sites in your Web browser’s saved password list can expose the data it protects to anyone else who uses your computer, and possibly to others on the Internet. This can be a major issue especially for HIPAA departments or departments who access sensitive information. In order to remove stored passwords for your web browser please follow the instructions below based on whether you are using Internet Explorer, Safari, Firefox, or Google Chrome.

How to Remove Passwords in All Types of Browsers and OS

Internet Explorer (Win 7/8)

When you enter a username and password for Internet Explorer that it has not already stored for a website, it will ask if you want Internet Explorer to remember the password.

  • Click on Not for this site button on the pop-up menu.
  • This will set Internet Explorer not to prompt you to save this password for this site.

To remove individual passwords: when using IE 6-8(only) and a saved password is pre-filled on your screen, simply highlight the username that displays there, and press the Delete key to remove just that one username/password combination from IE. Internet Explorer will then prompt you to confirm that you do want to delete it.

Win 8: Internet explorer has a Manage Password or Web Credentials Manager.

To access this please do the following:

  1. Open the Tools menu.
  2. Select Internet Options.
  3. Click Content.
  4. Under AutoComplete, click Settings.
  5. Click on Manage Passwords
  6. Click on the Web Credentials Manager
  7. Click on the drop down arrow by the web site you want to remove the password.
  8. Click on Remove.

Win 7: Internet Explorer 9-11

To remove one password:

1. Go to the login page and type the first letter of the username into the name field.2. In the drop-down list, select the name by putting the pointer on it.

3. Hit the Delete key and answer “yes” to the dialog.

To remove all the saved passwords:

  1. Open the Tools menu.
  2. Select Internet Options.
  3. Click Content.
  4. Under AutoComplete, click Settings.
  5. Click Delete AutoComplete history…

To prevent Auto-Complete in the future, make sure Auto-Complete is deselected for User names and passwords on forms, and then click on OK.

Safari (Mac OS X 10.6 – 10.9)

To remove an individual or multiple site passwords:

  1. Open the Safari menu.
  2. Select Preferences.
  3. Switch to the Autofill tab.
  4. Click the Edit button for Usernames and Passwords.
  5. Delete the entry that corresponds with the site you want to remove.

Firefox (Mac OS X 10.6 – 10.9 and Win 7/8)

When you enter a username and password for Firefox that it has not already stored for a website, it will ask if you want Firefox to remember the password.

  • Click on the drop down menu and select Never Remember Password for this Site.
  • This will set Firefox not to prompt you to save this password for this site.

To remove an individual or multiple site passwords:

Please visit Mozilla’s support page for instructions.

Google Chrome (Mac OS X 10.6 – 10.9 and Win 7/8)

To remove an individual or multiple site passwords:

  1. Click on the Menu Icon in the upper right corner.
  2. Click on Settings.
  3. Click on Show Advanced Settings link at the bottom.
  4. UN-check the box by Offer to save your web passwords button.
  5. Click the Managed Saved Passwords.
  6. Under the Saved Passwords box highlight the site you want to remove the password from, then click on the Xbutton.

For more information, visit the following site:

http://help.unc.edu/help/how-to-remove-saved-passwords-from-a-web-browser/ 

Last Updated: November 25, 2014

How to reset your OS X Password

Some of you asked how to change the user password in OS X 10.7, 10.8, 10.9, or 10.10 because the System Preferences option to do it was removed with the Lion release.

With Mac OS X Snow Leopard and older Mac OS, the installer disc allows you to change the user password pressing Utilities > Password Reset. In Lion, it was deleted, but you can change it with easy steps. There are two ways to reset the user password in OS X Lion, Mountain Lion or Mavericks:

On Mac OS X:

If you boot in your system, you can change the password. It’s used to change it if you didn’t forget it.

Boot your Mac and open System Preferences > Users and Groups.
You can see the users. Press the user what you want to change the password and select Change Password. You will be asked for your password.

On Recovery:

When you forgot the password and you can’t use OS X, you have to use the new Recovery.

  1. To boot in Recovery system, press Command and R keys during boot and hold the keys until you see the Apple icon. If you have a Mac with Internet Recovery, read > http://support.apple.com/kb/HT4718. If your Mac has a wireless keyboard, hold them when you hear the startup sound.
  2. When it starts, select Utilities > Terminal, and type:

    resetpassword

Press your user and type your password. Finally, reboot.

This doesn’t work for FileVault. If you forget your password with FileVault, you lost your info. Also, you can see if you use Recovery HD or Internet Recovery, or enable it -> http://support.apple.com/kb/HT4904

You can do it with a USB drive > http://support.apple.com/kb/HT4848

Reference:

https://discussions.apple.com/docs/DOC-4101

Internet Explorer 11 Stored Passwords – View and Remove

How to View and Remove Stored Passwords for Websites by Internet Explorer 11 (IE11) (If you have Windows 7, skip to the bottom)

When you visit a website that requires you to sign in to your account—like an email, banking, or shopping site—Internet Explorer will ask if you want your user name and password remembered by storing this info for that website. The next time you visit the site and start entering your user name, Internet Explorer will finish filling in your account info.

Since this info is securely stored in Credential Manager as “Web Credentials” on whatever PC you’re using at the time, you should be careful about using AutoComplete to store passwords for websites on public or shared computers. When you’re using a public or shared PC, make sure AutoComplete and storing passwords for websites is turned off in IE11.

This tutorial will show you how to view and remove all or specific stored passwords for websites by Internet Explorer 11 (IE11) in your account in Windows 8.1, and Windows RT 8.1.

Windows 7 does not have web credential manager and the answer to how to view and change passwords is below.

Note:

  • In Windows 8.1 and Windows RT 8.1, this is applied to both the modern and desktop IE11.
  • When you remove the stored password of a website, IE11 will start to ask “Would you like to store your password for (website)?” (if turned on) the next time you sign in to that site again.
  • If you use OPTION TWO below to remove all stored passwords for all websites, it will also reset all the sites that you clicked on Not for this site when asked if “Would you like to store your password for (website)?” so that IE11 will start to ask you this again the next time you sign in to them.

OPTION ONE: View and Remove Stored Passwords for Sites in Credential Manager

NOTE: This option is only available in Windows 8.1 and Windows RT 8.1.

1. Open the Control Panel (icons view), and click/tap on the Credential Manager icon.

2. Click/tap on Web Credentials, and expand a listed website (ex: www.eightforums.com) under “Web Passwords” that you want to view or remove it’s stored password, and do step 3 and/or 4 below.

3. To View the Stored Password of a Website:

A) Click/tap on the Show link for the website.

B) Enter your user account’s password to verify this is you, and click/tap on OK.

C) You will now see the password that was stored for the website. You can click/tap on the Hide link or close Credential Manager to no longer have the password show.

4. To Remove the Stored Password of a Website

A) Click/tap on the Remove link for the website.

B) Click/tap on Yes to confirm.

C) The stored password for the website is now removed from the list of “Web Passwords”.

5. When finished, you can close Credential Manager if you like.

OPTION TWO: Remove All Stored Passwords for All Sites by Deleting Browsing History

Note: This option will also reset all the sites that you clicked on Not for this site when asked if “Would you like to store your password for (website)?” so that IE11 will start to ask you this again the next time you sign in to them.

1. Do step 2 or 3 below for how you would like to open Internet Options for IE11.

2. Open the Control Panel (icons view), click/tap on the Internet Options icon, and go to step 4 below.

3. While in the desktop IE11, click/tap on the Tools, click/tap on the Internet Options icon, and go to step 4 below.

4. Do step 5 or 6 below for how you would like to open Delete Browsing History for IE11.

5. Click/tap on the Content tab, and click/tap on Settings under AutoComplete.

A) Click/tap on the Delete AutoComplete history button, and go to step 7 below. (see screenshot below)
NOTE:The Manage Passwords button will take you to step 2 in OPTION ONE.

Name: IE_Auto_Complete-3.jpg
Views: 91051
Size: 45.2 KB

6. Click/tap on the General tab, click/tap on the Delete button under Browing history, and go to step 7 below.

7. Check at least Passwords and any other item that you wish to delete, then click/tap on Delete.

8. If you used step 5, then click/tap on OK.

9. Click/tap on OK.

OPTION THREE: To Remove Stored Passwords for Websites using Modern IE11

NOTE: This option is only available in Windows 8.1 and Windows RT 8.1.

1. While on your Start screen, open the modern Internet Explorer 11.

2. Open the Charms bar while in modern IE11, and click/tap on Settings.

3. Click/tap on Options in Settings.

4. Under Passwords, click/tap on the Manage button.

5. Click/tap on a listed website (ex: www.eightforums.com) that you want to remove.
NOTE: If you see No accounts available, then it means that you currently do not have any stored passwords for websites.

6. Click/tap on Remove.

7. When finished. you can click/tap anywhere in modern IE11 to close Options.

That’s it,
Shawn

If you tried this on Windows 7 and came to the fact that your Windows doesn’t have Web Credential Manager, that is because it does not exist on Window 7! Windows 7 does not have web credential manager, it has a program called Windows Vault. Here are some details on Vault. Also, below are some additional uses which worked for a few users on some forums.

How To Use Windows 7 Credential Manager To Organize and Remember Passwords

1. Click the Start Menu Orb and Type in Windows vault, then Press Enter.

2. Once Windows Credential Manager loads up, you’ll need to select which type of password you want to save.

  • Windows Credentials: These are used to log into Windows-based systems on the network
  • Certificate-Based Credentials: Complicated and used for advanced system configurations
  • General Credentials: This type covers nearly all passwords for programs, websites, and services compatible with Windows Vault

In this example, we’ll use Windows Credentials to save the login information for another Windows computer on the local network. So Click Add a Windows credential.

3. In the top line Type in either the network address or the computer name (e.g. PC-DellXPS) depending on how you like to organize your information. For me, I’m going to just type the local IP address. In the next line Type in the User name, and then under that Type in the Password for that windows machine. The username should be the user account name that is normally used to log into Windows 7.

That’s all there is to it! Now Windows Vault will store the credentials and help you automatically log into the network location. If you end up changing your credentials, you’ll need to go back into Windows Vault and change them there too. Just Click Edit under the appropriate stored credential, and it will let you change all of its settings.

To change and view passwords for IE11 in Windows 7:

Here are some additional steps you can try:
To change the saved login id and password for a website on Internet Explorer, please try these steps:
1. Type the first letter of your user name, auto-complete will bring up a box of choices.
2. Highlight the username you want to delete. Hit the “delete” key.
3. Another auto-complete window will pop up saying, “Windows has a stored password for this user name. Do you want to delete the username and password?”
4. Click, “yes”.
5. Close Internet Explorer and reopen.
6. Type your user name and password in the website.
7. When you proceed with signing in you will get a popup “Do you want to save this password?”
8. Click Yes, for that popup.

You can also try this:
Step 1: Download NirSoft’s IE PassView from here, a free software to view and backup passwords saved in Internet Explorer browser.Step 2: Extract the downloaded zip file to get IE PassView executable and then double-click on the same to run it.Step 3: Upon running IE PassView, it will scan the browser for saved passwords and displays URLs, usernames and their passwords.

Step 4: To backup all passwords, select all entries, right-click on them and then click Save selected passwords to save all usernames and passwords in a text file.

Disable SIP ALG on USG

All versions prior to 5.6.x enable SIP ALG by default. You have to put the “config.ugw.voip.sip_alg_disable=true” in config.properties.

https://help.ubnt.com/hc/en-us/articles/205146040-UniFi-config-properties-File-Explanation

Double-check it’s in the right place and being applied. SSH to USG and run “show configuration commands |match modules”. Will see something like the following if it is:

$ show configuration commands |match modules
set system conntrack modules sip disable

As long as you see the “sip disable” there, it’s disabled. If that’s the case, when you SSH in and disable it again, it’s not actually changing anything, the only change, in that case, is rebooting the phones.

If disabling SIP ALG ‘fixes’ your issue, you need to create a custom JSON file, to make your CLI changes survive a re-provisioning of the USG. See here for a general guide:

https://help.ubnt.com/hc/en-us/articles/215458888-UniFi-How-to-further-customize-USG-configuration-w…

Read the Article:

https://community.ubnt.com/t5/UniFi-Routing-Switching/Disable-SIP-ALG-on-USG/td-p/1671570

Microsoft Security Bulletin MS14-066 – Critical November 11, 2014

Microsoft has released a critical patch via Windows Update that seals up a vulnerability that affects every modern version of Windows, including Windows Server 2003/2008/2012, Vista, 7, 8, 8.1, and Windows RT. 1

The patch, dubbed MS14-066, shores up a hole that would have allowed an attacker to remotely trigger code on your machine using specially crafted packets. Microsoft says they don’t know of any exploits that have actually used this, but it’s still a good idea to get the patch installed before there’s a problem. This isn’t too different from any other security patch, but the sheer number of machines affected means it’s good to make sure your system is up to date. You can grab the patch from Windows Update right now.

Published: November 11, 2014

Version: 1.0

This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server.

This security update is rated Critical for all supported releases of Microsoft Windows. For more information, see the Affected Software section.

The security update addresses the vulnerability by correcting how Schannel sanitizes specially crafted packets. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability.

For more information about this update, see Microsoft Knowledge Base Article 2992611.

The following software has been tested to determine which versions or editions are affected. Other versions or editions are either past their support life cycle or are not affected. To determine the support life cycle for your software version or edition, see Microsoft Support Lifecycle.

Affected Software

Operating System Maximum Security Impact Aggregate Severity Rating Updates Replaced
Windows Server 2003
Windows Server 2003 Service Pack 2
(2992611)
Remote Code Execution Critical 2655992 in MS12-049
Windows Server 2003 x64 Edition Service Pack 2
(2992611)
Remote Code Execution Critical 2655992 in MS12-049
Windows Server 2003 with SP2 for Itanium-based Systems
(2992611)
Remote Code Execution Critical 2655992 in MS12-049
Windows Vista
Windows Vista Service Pack 2
(2992611)
Remote Code Execution Critical 2207566 in MS10-085
Windows Vista x64 Edition Service Pack 2
(2992611)
Remote Code Execution Critical 2207566 in MS10-085
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2
(2992611)
Remote Code Execution Critical 2207566 in MS10-085
Windows Server 2008 for x64-based Systems Service Pack 2
(2992611)
Remote Code Execution Critical 2207566 in MS10-085
Windows Server 2008 for Itanium-based Systems Service Pack 2
(2992611)
Remote Code Execution Critical 2207566 in MS10-085
Windows 7
Windows 7 for 32-bit Systems Service Pack 1
(2992611)
Remote Code Execution Critical 2982378 inSA2871997
Windows 7 for x64-based Systems Service Pack 1
(2992611)
Remote Code Execution Critical 2982378 inSA2871997
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(2992611)
Remote Code Execution Critical 2982378 inSA2871997
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(2992611)
Remote Code Execution Critical 2982378 inSA2871997
Windows 8 and Windows 8.1
Windows 8 for 32-bit Systems
(2992611)
Remote Code Execution Critical 2868725 inSA2868725
Windows 8 for x64-based Systems
(2992611)
Remote Code Execution Critical 2868725 inSA2868725
Windows 8.1 for 32-bit Systems
(2992611)
Remote Code Execution Critical None
Windows 8.1 for x64-based Systems
(2992611)
Remote Code Execution Critical None
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012
(2992611)
Remote Code Execution Critical 2868725 inSA2868725
Windows Server 2012 R2
(2992611)
Remote Code Execution Critical None
Windows RT and Windows RT 8.1
Windows RT[1]
(2992611)
Remote Code Execution Critical 2868725 inSA2868725
Windows RT 8.1[1]
(2992611)
Remote Code Execution Critical None
Server Core installation option
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
(2992611)
Remote Code Execution Critical 2207566 in MS10-085
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
(2992611)
Remote Code Execution Critical 2207566 in MS10-085
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(2992611)
Remote Code Execution Critical 2982378 inSA2871997
Windows Server 2012 (Server Core installation)
(2992611)
Remote Code Execution Critical 2868725 inSA2868725
Windows Server 2012 R2 (Server Core installation)
(2992611)
Remote Code Execution Critical None

[1]This update is available via Windows Update only.

Does this update contain any additional security-related changes to functionality?
Yes. In addition to the changes that are listed in the Vulnerability Information section of this bulletin, this update includes changes to available TLS cipher suites. This update includes new TLS cipher suites that offer more robust encryption to protect customer information. These new cipher suites all operate in Galois/counter mode (GCM), and two of them offer perfect forward secrecy (PFS) by using DHE key exchange together with RSA authentication.

New Cipher Suites FIPS mode enabled Protocols Exchange Encryption Hash
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Yes TLS 1.2 DH AES SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 Yes TLS 1.2 DH AES SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384 Yes TLS 1.2 RSA AES SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256 Yes TLS 1.2 RSA AES SHA256

Severity Ratings and Vulnerability Identifiers

The following severity ratings assume the potential maximum impact of the vulnerability. For information regarding the likelihood, within 30 days of this security bulletin’s release, of the exploitability of the vulnerability in relation to its severity rating and security impact, please see the Exploitability Index in the November bulletin summary.

Vulnerability Severity Rating and Maximum Security Impact by Affected Software
Affected Software Microsoft Schannel Remote Code Execution Vulnerability – CVE-2014-6321 Aggregate Severity Rating
Windows Server 2003
Windows Server 2003 Service Pack 2
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2003 x64 Edition Service Pack 2
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2003 with SP2 for Itanium-based Systems
(2992611)
Critical
Remote Code Execution
Critical
Windows Vista
Windows Vista Service Pack 2
(2992611)
Critical
Remote Code Execution
Critical
Windows Vista x64 Edition Service Pack 2
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2008
Windows Server 2008 for 32-bit Systems Service Pack 2
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2008 for x64-based Systems Service Pack 2
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2008 for Itanium-based Systems Service Pack 2
(2992611)
Critical
Remote Code Execution
Critical
Windows 7
Windows 7 for 32-bit Systems Service Pack 1
(2992611)
Critical
Remote Code Execution
Critical
Windows 7 for x64-based Systems Service Pack 1
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2008 R2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
(2992611)
Critical
Remote Code Execution
Critical
Windows 8 and Windows 8.1
Windows 8 for 32-bit Systems
(2992611)
Critical
Remote Code Execution
Critical
Windows 8 for x64-based Systems
(2992611)
Critical
Remote Code Execution
Critical
Windows 8.1 for 32-bit Systems
(2992611)
Critical
Remote Code Execution
Critical
Windows 8.1 for x64-based Systems
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2012 R2
(2992611)
Critical
Remote Code Execution
Critical
Windows RT and Windows RT 8.1
Windows RT
(2992611)
Critical
Remote Code Execution
Critical
Windows RT 8.1
(2992611)
Critical
Remote Code Execution
Critical
Server Core installation option
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2012 (Server Core installation)
(2992611)
Critical
Remote Code Execution
Critical
Windows Server 2012 R2 (Server Core installation)
(2992611)
Critical
Remote Code Execution
Critical

Microsoft Schannel Remote Code Execution Vulnerability – CVE-2014-6321

A remote code execution vulnerability exists in the Secure Channel (Schannel) security package due to the improper processing of specially crafted packets. Microsoft received information about this vulnerability through coordinated vulnerability disclosure. When this security bulletin was issued, Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers. The update addresses the vulnerability by correcting how Schannel sanitizes specially crafted packets.

Mitigating Factors

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

FAQ

What might an attacker use the vulnerability to do?
An attacker who successfully exploited this vulnerability could run arbitrary code on a target server.

How could an attacker exploit the vulnerability?
An attacker could attempt to exploit this vulnerability by sending specially crafted packets to a Windows server.

What systems are primarily at risk from the vulnerability?
Server and workstation systems that are running an affected version of Schannel are primarily at risk.

For Security Update Deployment information, see the Microsoft Knowledge Base article “Microsoft Security Bulletin MS14-066 – Critical” in the Executive Summary.

Microsoft recognizes the efforts of those in the security community who help us protect customers through responsible vulnerability disclosure. See Acknowledgments for more information.

The information provided in the Microsoft Knowledge Base is provided “as is” without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

  • V1.0 (November 11, 2014): Bulletin published.
Sources: