Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
From our perspective, the best way to avoid exploitability of this issue is to force WSUS deployments to use a secured HTTPS channel.
The certificate presented by the WSUS server must be validated by…