Catalytic was IBM's subscription, by the IBM X-Force Research department, which displayed a bug in Microsoft in May, to which 9.3 / 10 is now classified. The public announcement was made after a software update that can shut down the backdoor, provided everyone, including server administrators, haste to install the critical patch. According to IBM researchers, the bug can allow the remote code execution with which the attacker can acquire full control of a computer. The patch that closes the backdoor was put on Critical updating of the operating system for November. Although it was not known whether attacks should now be attributed to the Microsoft Security Secure Channel security clearance, experts are bothering the IT departments to install the patch after the bug is also available on Windows Server versions, and the security of websites that are required to handle encrypted data is at risk. In addition, disclosure of the fact does not exclude, on the contrary, increase the likelihood of now attacking target-oriented systems that have not installed critical information.
The security gap is considered as serious as the Heartbleed bug that was also found in 2014: HeartBleed: Does the heart of the Internet bleed, is it about you?