Microsoft has recently issued a critical patch to fix the vulnerability in almost all the latest version of Windows Operating System. The company hasn’t provided much insights about this vulnerability, but the security patch ( MS14-066) has something to do with the Microsoft Secure Channel, handling encryption and authentication .
The security update is critical for all supported releases of Windows, as the vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server (sounds pretty much similar to the Heartbleed bug).
There is no information if vulnerability has been exploited on massive scale, however it is recommended to download the patch and get it installed. If you haven’t got this update already, follow this link and choose your version of Windows to download MS14-066 patch.