What do you all make of this recent CERT alert about the Microsoft SChannel vulnerability that allows remote exploits of WIndows systems? https://www.us-cert.gov/ncas/alerts/TA14-318A
My concern is that all the Microsoft articles to which it makes reference makes it seem like everything is sufficiently patched if you're up to date. So what exactly is new here? Is this a real new exploit? On the one hand, Microsoft articles reference various patches for different OSes that take care of different vulnerabilities. On the other hand, the guy exposing the exploit says Microsoft won't have a patch ready till December.
This seems confusing and contradictory. What do y'all think?