

20141112 - Microsoft's schannel vulnerability

A serious security flaw affecting servers that use the Microsoft SCHANNEL library was announced yesterday.

This library is used by all Windows operating systems, and also by third-party software vendors, for cryptographic services such as HTTPS web servers (SSL/TLS).

This vulnerability makes it possible to execute code remotely. It is considered critical by Microsoft.

For now, Microsoft has not provided any details about how long the vulnerability has existed or about its exploitation.

Potential consequences

Any server or Windows machine listening on a port reachable from the Internet is at risk. Those reachable internally are also at risk of an indirect attack.

Is your server impacted?

Microsoft published the following list, to which Windows versions that are no longer supported must be added:

  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems
  • Windows Vista Service Pack 2
  • Windows Vista x64 Edition Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Windows Server 2008 Server Core installation affected)
  • Windows Server 2008 for Itanium-based Systems Service Pack 2
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Windows Server 2008 R2 Server Core installation affected)
  • Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  • Windows 8 for 32-bit Systems
  • Windows 8 for x64-based Systems
  • Windows 8.1 for 32-bit Systems
  • Windows 8.1 for x64-based Systems
  • Windows Server 2012 (Windows Server 2012 Server Core installation affected)
  • Windows Server 2012 R2 (Windows Server 2012 R2 Server Core installation affected)
  • Windows RT
  • Windows RT 8.1

Our recommendations

You must install the updated version provided by Microsoft.

A technical note is available here: https://technet.microsoft.com/library/security/MS14-066

Ideally, affected servers should be taken offline temporarily, to give administrators time to install the update.

PLEASE NOTE: This security bug comes from the Microsoft SCHANNEL software, not from TBS INTERNET, Certification Authorities, or X.509 certificates themselves.