Microsoft announced in their security bulletin for November that a vulnerability in SChannel could allow remote code execution, nicknamed WinShock (CVE-2014-6321). The Microsoft Secure Channel (Schannel) is the security package that implements SSL/TLS in all supported versions of Windows server and client operating systems. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server. It has an overall CVSS severity rating of HIGH with a exploitability rating of 1.
Ipswitch immediately assessed all of its products as soon as we became aware of the vulnerability. Many Ipswitch products rely on Microsoft Windows Schannel security provider for secure communications. To protect against this vulnerability, it is recommended that all customers apply the November 2014 patches to all Windows servers and clients running Ipswitch products. The November patches also include other critical security fixes, including another remote code execution vulnerability (MS14-064), so please install all of the updates.
Please find specific instructions in this Ipswitch Knowledgebase article. As always it's recommended that you test updates and carefully monitor the production system after making any changes.
If you have additional questions, please contact your Ipswitch account manager or preferred reseller.