Windows Vulnerability

You have recently heard about vulnerability that affects multiple software and operating system vendors. This vulnerability has been referred to as TLS Protocol CBC Mode Information Disclosure Vulnerability on many internet security sites. Your company uses a combination of Windows XP, SP3 and Windows 7 Professional, SP1 desktops as well as a combination of Windows 2003 and 2008 Enterprise servers, fully patched. Microsoft’s Internet Information Services (IIS7) and SharePoint 2010 have been deployed throughout the organization in order to provide secure document management from within the local network as well as from the internet. You need to find out the details of this vulnerability. You will need to provide a written report, answering the following questions: In which services, features or functions does the vulnerability exist? Which operating systems in the organization are vulnerable? What type of vulnerability is it, what level of exploitation can this vulnerability result in? Is there a fix; are there any known exploits in the wild or proof of concept code currently taking advantage of this vulnerability? If there is no patch available, or the patch is not compatible with your system, is there a work around? Are there any circumstances or conditions that must be in place in order to be susceptible to this vulnerability?