If you've been in a coma for the past week, MS14-066 (CVE-2014-6321) is a TLS heap overflow vulnerability in Microsoft's schannel.dll, which can result in denial of service and even remote code execution on windows systems (the bug is exploitable during the TLS handshake stage, prior to any authentication).
more here........http://www.malwaretech.com/2014/11/how-ms14-066-winshock-is-worse-than.html
more here........http://www.malwaretech.com/2014/11/how-ms14-066-winshock-is-worse-than.html