Microsoft has revealed the existence of a critical vulnerability in all versions of Windows operating systems. The vulnerability resides in the Microsoft secure channel (schannel) security component that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) standard authentication protocols. Microsoft issued a security advisory (Microsoft Security Bulletin MS14-066) on the vulnerability that could be exploited remotely to execute arbitrary code. Experts speculate that the remote-code vulnerability may impact every Windows-based system that run software that listen Internet ports and accepts encrypted connections from outside.”]
Source: https://securityaffairs.co/wordpress/30112/security/critical-bug-ms14-066.html