Microsoft Schannel (Microsoft Secure Channel)

The Microsoft Secure Channel or Schannel is a security package that facilitates the use of Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) encryption on Windows platforms.

Schannel contains four specific security protocols that provide identity authentication and private communication between a client and a server, and automatically chooses the best protocol depending on the capabilities of the client and server. The protocols include TLS 1.1 and 1.2, and SSL 2.0 and 3.0.

To create a secure connection, both the client and server need to obtain Schannel credentials (X.509 certificates) and then create a security session. Once the connection is established, information about the attributes of the credential and its context is available. If a connection is lost, it can be renegotiated by requesting a redo. Before shutting down the connection, both client and server need to perform a cleanup and then delete the connection.

In 2014, a serious Schannel vulnerability called WinShock was discovered. WinShock enables attackers to exploit a vulnerable system by sending specially crafted packets. It was rated 10.0, the maximum level of severity, according to the Common Vulnerability Scoring System. Windows released a patch for the flaw as part of its November 2014 Patch Tuesday cycle.